General
-
Target
0c3d821256f95da1966117055df100d3.elf
-
Size
139KB
-
Sample
230317-jd5d9sgh51
-
MD5
0c3d821256f95da1966117055df100d3
-
SHA1
ce392f859951952709e65fbadf317fbde83328e4
-
SHA256
579dfedda32746eba67bb8251c358c8db4329e3706e4cb191a2507add1ec2787
-
SHA512
e03203e7b682595a39c2775facda7588f40b3b5abbac4e558816a40c83867c05ecc26790f9e7ab9328cb5ebdcea600479986ba4d5e613455b00e009d360e5a20
-
SSDEEP
3072:Cv/WwsLgaq353qHiCOvhOpDqkDQHbeskmhxQwoVSUNu:KPLaq351hOpDqkLskmhxQwoVSUNu
Behavioral task
behavioral1
Sample
0c3d821256f95da1966117055df100d3.elf
Resource
debian9-armhf-en-20211208
Malware Config
Targets
-
-
Target
0c3d821256f95da1966117055df100d3.elf
-
Size
139KB
-
MD5
0c3d821256f95da1966117055df100d3
-
SHA1
ce392f859951952709e65fbadf317fbde83328e4
-
SHA256
579dfedda32746eba67bb8251c358c8db4329e3706e4cb191a2507add1ec2787
-
SHA512
e03203e7b682595a39c2775facda7588f40b3b5abbac4e558816a40c83867c05ecc26790f9e7ab9328cb5ebdcea600479986ba4d5e613455b00e009d360e5a20
-
SSDEEP
3072:Cv/WwsLgaq353qHiCOvhOpDqkDQHbeskmhxQwoVSUNu:KPLaq351hOpDqkLskmhxQwoVSUNu
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-