General
-
Target
5ff19fe6d7c5c0859f6d54cbe39c4766
-
Size
228KB
-
Sample
221221-dc3amaef4t
-
MD5
5ff19fe6d7c5c0859f6d54cbe39c4766
-
SHA1
6b99c05d0b28015f904104260fdfaabb4d0bf24f
-
SHA256
09dce1b6665ae2ab3224de5d03f3b6717888f88ba15546068ba60f6899d322ab
-
SHA512
351612adcf60d659151a246cdbc23f10d900e0ab1df1651c8813271bc6a8bb7cdd8bf8603a9295955a420a7ab3a7d3f5754593c289e65d4e5d42fe38356799c9
-
SSDEEP
6144:BtrDYHU7N7aFm68KTZ3tfierLmTiPFLYoYOtY:XrTh7aFmUT9/LmOPFLYo1Y
Malware Config
Targets
-
-
Target
5ff19fe6d7c5c0859f6d54cbe39c4766
-
Size
228KB
-
MD5
5ff19fe6d7c5c0859f6d54cbe39c4766
-
SHA1
6b99c05d0b28015f904104260fdfaabb4d0bf24f
-
SHA256
09dce1b6665ae2ab3224de5d03f3b6717888f88ba15546068ba60f6899d322ab
-
SHA512
351612adcf60d659151a246cdbc23f10d900e0ab1df1651c8813271bc6a8bb7cdd8bf8603a9295955a420a7ab3a7d3f5754593c289e65d4e5d42fe38356799c9
-
SSDEEP
6144:BtrDYHU7N7aFm68KTZ3tfierLmTiPFLYoYOtY:XrTh7aFmUT9/LmOPFLYo1Y
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-