General
-
Target
4aa3cde5e5d83fc075ccf9da6c6124cf.elf
-
Size
339KB
-
Sample
230206-kjqczagb6z
-
MD5
4aa3cde5e5d83fc075ccf9da6c6124cf
-
SHA1
1e814210a7e4846adc8b2179a8b566d58dd1e895
-
SHA256
424fee63e1f2500477c045128f266f590e1874002c4c78af3ac10cddc52e4e1b
-
SHA512
454ff7dd3b2712ef54b906ec78a04ba3ad0758a6969ee213445ec8b6183c4bb442198ba2677f6e561f5eb49eb379981e811c06f712c737a4c9bc42adccc4fee6
-
SSDEEP
3072:+W4o266jYK5JvWpA5JrjMhzj0eiYdhHOuy4yzMPKfpEMTWT6Xy9tdw6DW9WtD74N:+6Ff9ZuMcEMTWTsitLDW9Wx74Q8YrkBz
Malware Config
Targets
-
-
Target
4aa3cde5e5d83fc075ccf9da6c6124cf.elf
-
Size
339KB
-
MD5
4aa3cde5e5d83fc075ccf9da6c6124cf
-
SHA1
1e814210a7e4846adc8b2179a8b566d58dd1e895
-
SHA256
424fee63e1f2500477c045128f266f590e1874002c4c78af3ac10cddc52e4e1b
-
SHA512
454ff7dd3b2712ef54b906ec78a04ba3ad0758a6969ee213445ec8b6183c4bb442198ba2677f6e561f5eb49eb379981e811c06f712c737a4c9bc42adccc4fee6
-
SSDEEP
3072:+W4o266jYK5JvWpA5JrjMhzj0eiYdhHOuy4yzMPKfpEMTWT6Xy9tdw6DW9WtD74N:+6Ff9ZuMcEMTWTsitLDW9Wx74Q8YrkBz
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-