Analysis
- max time kernel: 40074s
- max time network: 148s
- platform: linux_mips
- resource: debian9-mipsbe-en-20211208
- resource tags: arch:mips, image:debian9-mipsbe-en-20211208, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
- submitted: 17-03-2023 12:50
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Linux.Mirai.3982.8986.20434
Resource
debian9-mipsbe-en-20211208
debian-9-mips
3 signatures
150 seconds
General
- Target: SecuriteInfo.com.Linux.Mirai.3982.8986.20434
- Size: 23KB
- MD5: 9ce3cedc4922b0894529d49caceb5401
- SHA1: b4c93ca4064bb0aff367db6970c2df8f59e4ec3a
- SHA256: 847ebd6a624881bb75702b1ef07968a203c8250fbaaab5004b4ce035e4dff9b1
- SHA512: bce688f894380dbb31cf20229e6f1016c06591df0d1a8060d1b12864fce2999e96fa786dbd6168aef21c5a3760a27b5bad6500bca9b14ad7a38afc7d1f5a7e25
- SSDEEP: 384:p3WEBXfrIOPMQXWFgjmIzbEx81mVFkXXXYR+Fdh7hD1sZr/OEMcZJgGlzDpH7uNh:Rx88MD6jXoxcmVFknoEdRhDgrMKJgGlG
Score
9/10
Malware Config
Signatures
- Modifies the Watchdog daemon (1 TTPs)
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder (1 TTPs, 2 IoCs)
  Processes:
  description | ioc
  /bin/watchdog | /bin/watchdog
  /sbin/watchdog | /sbin/watchdog
- Reads runtime system information (1 IoCs)
  Reads data from /proc virtual filesystem.
  Processes:
  description | ioc
  /proc/ | /proc/