General

  • Target

    4b79a9d0c402215f4df2b9fc8437a165.bin

  • Size

    34KB

  • Sample

    230315-gh2g3adg51

  • MD5

    fb9fc9cac4cc9d70407d3413c61dd4db

  • SHA1

    952ff740c38112c54c926d1cddf44d72053ed1cd

  • SHA256

    d6df5673c5c301b8ce073d22d6056d34f44f235cc57181f656a8e23164d12af1

  • SHA512

    84fadc1e157e82a52f7b76e132c76a2b071c43eab5a19bd6d2ff33e88aeb42bbbf37380b5241f916852c87fa3415ca400c008cfe43c04d8e08c1c7b81dc5aa4c

  • SSDEEP

    768:rjxr6tfwwb00I2i9pOCBfiCzNFIZpXFCjSIQ2VuVln9/1OZQS02peRc:fxutoww2YjflnqXFLF2g7n9/kZf02peu

Score
9/10

Targets

    • Target

      fcf9df6a5bfda43b2025fe0c19c5a7ab0f409d7251a6ade45a0158c0a5827913.elf

    • Size

      35KB

    • MD5

      4b79a9d0c402215f4df2b9fc8437a165

    • SHA1

      4fbbb0dbfd5489e3cb869742798133d840374331

    • SHA256

      fcf9df6a5bfda43b2025fe0c19c5a7ab0f409d7251a6ade45a0158c0a5827913

    • SHA512

      2a3fb11a205fe5a0f2993cc04041e2faea874475d274edb52239693d5d5a294293e1577bcfb385b8a5594e8876bc7108c75f6f09e311790df44ecffa2ec7979c

    • SSDEEP

      768:FBARh6NpkuEVbzKpzV4cmfP74SUOBSuQRUrnfJgGlzDpbuR1JD:Ft/t0kzuV0SUSQReVJuB

    Score
    9/10
    • Contacts a large number (46386) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
