General
-
Target
1ab266378ac3e8ac712e2163a3e1d602.armv6l.bin
-
Size
310KB
-
Sample
230228-dx96zahc76
-
MD5
1ab266378ac3e8ac712e2163a3e1d602
-
SHA1
18682aea652155010894029fb7e1bedbae6d2d0a
-
SHA256
e0e093ade5df95cc88cea86d1c0c86ea2b1d67913d37f8eb9d2d20ca7819b9a1
-
SHA512
ad9e08d4f4e02c08032b4945c4b5cb279d22b46da8e104d9240a8e13f17383c9f4052b2876c1e84bb4a5f8e544e238af58f4a7b9b785aad69f87f2f9373fbce7
-
SSDEEP
6144:YY8t809ndLXsp8aHGwe3QjtGkTKTletJ8a8f6Cj7L9mcDREIG4N4:/Gdrsp8aHVNtGkuetJ8a8t7L9mc1EIG3
Behavioral task
behavioral1
Sample
1ab266378ac3e8ac712e2163a3e1d602.armv6l.bin
Resource
debian9-armhf-20221111-en
Malware Config
Targets
-
-
Target
1ab266378ac3e8ac712e2163a3e1d602.armv6l.bin
-
Size
310KB
-
MD5
1ab266378ac3e8ac712e2163a3e1d602
-
SHA1
18682aea652155010894029fb7e1bedbae6d2d0a
-
SHA256
e0e093ade5df95cc88cea86d1c0c86ea2b1d67913d37f8eb9d2d20ca7819b9a1
-
SHA512
ad9e08d4f4e02c08032b4945c4b5cb279d22b46da8e104d9240a8e13f17383c9f4052b2876c1e84bb4a5f8e544e238af58f4a7b9b785aad69f87f2f9373fbce7
-
SSDEEP
6144:YY8t809ndLXsp8aHGwe3QjtGkTKTletJ8a8f6Cj7L9mcDREIG4N4:/Gdrsp8aHVNtGkuetJ8a8t7L9mc1EIG3
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-