General
-
Target
3e07eb641db5dd8196c79b3f7d87b3c3.elf
-
Size
151KB
-
Sample
230317-l3crnaff38
-
MD5
3e07eb641db5dd8196c79b3f7d87b3c3
-
SHA1
6fff83fb7411bf8466b808bd2337de336ad0cfad
-
SHA256
95f312bcbe88e0404ebf829e99b82a638a80e37c5eacee2ff53006815192044c
-
SHA512
5e44cf69321c192ca7a5cd99860b917915cddc1037a4ec8b30588a4e7df959602906f9346d3323d287eeeefc1b67c713a11629567f2a3940ac7b1f86c9daccc3
-
SSDEEP
3072:JW6dm9tS1aRGQdK76t/zCVI5mrThPaLEnvPrNb:c6IG+LCKmrThPaLEnvPrNb
Behavioral task
behavioral1
Sample
3e07eb641db5dd8196c79b3f7d87b3c3.elf
Resource
debian9-mipsbe-20221111-en
Malware Config
Targets
-
-
Target
3e07eb641db5dd8196c79b3f7d87b3c3.elf
-
Size
151KB
-
MD5
3e07eb641db5dd8196c79b3f7d87b3c3
-
SHA1
6fff83fb7411bf8466b808bd2337de336ad0cfad
-
SHA256
95f312bcbe88e0404ebf829e99b82a638a80e37c5eacee2ff53006815192044c
-
SHA512
5e44cf69321c192ca7a5cd99860b917915cddc1037a4ec8b30588a4e7df959602906f9346d3323d287eeeefc1b67c713a11629567f2a3940ac7b1f86c9daccc3
-
SSDEEP
3072:JW6dm9tS1aRGQdK76t/zCVI5mrThPaLEnvPrNb:c6IG+LCKmrThPaLEnvPrNb
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-