General
-
Target
x86.elf
-
Size
113KB
-
Sample
230317-k2q28afc78
-
MD5
526fc7839eacdd1dc4696e589b20ebde
-
SHA1
d4ff7204bc3813286803f9442949f33caf00468a
-
SHA256
d12b23f4e5e7c85fe5ecea44a23e5b476039649c635227d6b64b6bc1ef1cc226
-
SHA512
904261f9623737b1fb5ca255c1ad76ab3237e7938ad23de72e9e53c48b990b448fe86964ca53f68f360c93e2ab373516e08916e2f1fd66baa97d6e46e85fbf5a
-
SSDEEP
3072:kiry859a2ADJf9wHYqbgFFo8+HeAo+TRCm7FnVqfJXFWbNb:T9a2aLqkrMnsm7FnVqfJXFWbNb
Behavioral task
behavioral1
Sample
x86.elf
Resource
ubuntu1804-amd64-20221111-en
Malware Config
Targets
-
-
Target
x86.elf
-
Size
113KB
-
MD5
526fc7839eacdd1dc4696e589b20ebde
-
SHA1
d4ff7204bc3813286803f9442949f33caf00468a
-
SHA256
d12b23f4e5e7c85fe5ecea44a23e5b476039649c635227d6b64b6bc1ef1cc226
-
SHA512
904261f9623737b1fb5ca255c1ad76ab3237e7938ad23de72e9e53c48b990b448fe86964ca53f68f360c93e2ab373516e08916e2f1fd66baa97d6e46e85fbf5a
-
SSDEEP
3072:kiry859a2ADJf9wHYqbgFFo8+HeAo+TRCm7FnVqfJXFWbNb:T9a2aLqkrMnsm7FnVqfJXFWbNb
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-