General
-
Target
286d7cc261ec9f5257bf569b8c65bcbd.bin
-
Size
51KB
-
Sample
230319-v6ceqsbe5t
-
MD5
d6285ae3a923127cf974b6e48f0ba0b3
-
SHA1
35de37d16c50036205af5d8f73b0366c13a94b0c
-
SHA256
f647122faf33c8e80ab64133a46b45b34a003d7fdbdf09923281828202b4c628
-
SHA512
8c16cf3304970344e80473cbe8255ace79582bbb9092afc8cc43313d02b9c308f94de3b9c811de1b51daa14b875522c849c7d7a9c449dab149114e7979bd5af1
-
SSDEEP
768:3d+FH+w9/2bvcwFLCxnELbTS9bQ7rDgVl5b183sTwFVEHTq88xi/378o4o7I3XAI:qNsbvtaghZFVuTox637XJk3QI
Behavioral task
behavioral1
Sample
9f72c037f34d5b4c50b67674080577608d36407e74ecf19c74990da29e990ecb.elf
Resource
debian9-armhf-20221111-en
Malware Config
Targets
-
-
Target
9f72c037f34d5b4c50b67674080577608d36407e74ecf19c74990da29e990ecb.elf
-
Size
52KB
-
MD5
286d7cc261ec9f5257bf569b8c65bcbd
-
SHA1
52658598352a1ab008a37424cd9664af9b3bcb3b
-
SHA256
9f72c037f34d5b4c50b67674080577608d36407e74ecf19c74990da29e990ecb
-
SHA512
1b49879a802ff49dfc5f8cb602ec590df1027a4b81ff759b5f91f61545a7ea02c2bded24022dc5eee73f532c0ea5b508f46b023ce88945af82f553ba36ce41e4
-
SSDEEP
768:/Mte5B4PACtw/YcmRIe18D9q63TxZQbSORe7Su2QJnKE79TLrt359q3UELbOs8qE:/M84ISRX63dZQbS5rzZtcLIVmWj9
Score
9/10
-
Contacts a large (19300) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Write file to user bin folder
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-