General
-
Target
d3173306605d59e2c9b04bb91753f6ad.elf
-
Size
139KB
-
Sample
230317-l3yzwshf5y
-
MD5
d3173306605d59e2c9b04bb91753f6ad
-
SHA1
57bdd00b00d885ebcd9895e21eb25e27febbf15e
-
SHA256
2ee8cf18952ba0e87a8d7b4502609e73b2a44f569cfbd14aa1b9678e9ace9e96
-
SHA512
d418b9b8b582c3ae89884404bda9458d0135ab25fffd5576d67875e9ce3393d34aa58cbff48297cf7c4ccb52223e23fb48838db1e1f1ecc30b51ff3c3430a4c8
-
SSDEEP
3072:Cv/WwsLgaq353qHiCOvhOpeqkDQHbeskmhxQwoVSUNu:KPLaq351hOpeqkLskmhxQwoVSUNu
Behavioral task
behavioral1
Sample
d3173306605d59e2c9b04bb91753f6ad.elf
Resource
debian9-armhf-en-20211208
Malware Config
Targets
-
-
Target
d3173306605d59e2c9b04bb91753f6ad.elf
-
Size
139KB
-
MD5
d3173306605d59e2c9b04bb91753f6ad
-
SHA1
57bdd00b00d885ebcd9895e21eb25e27febbf15e
-
SHA256
2ee8cf18952ba0e87a8d7b4502609e73b2a44f569cfbd14aa1b9678e9ace9e96
-
SHA512
d418b9b8b582c3ae89884404bda9458d0135ab25fffd5576d67875e9ce3393d34aa58cbff48297cf7c4ccb52223e23fb48838db1e1f1ecc30b51ff3c3430a4c8
-
SSDEEP
3072:Cv/WwsLgaq353qHiCOvhOpeqkDQHbeskmhxQwoVSUNu:KPLaq351hOpeqkLskmhxQwoVSUNu
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-