General
-
Target
05d205b0556f0c9a9ab6ad99809d1328.elf
-
Size
128KB
-
Sample
230401-3w971seh4s
-
MD5
05d205b0556f0c9a9ab6ad99809d1328
-
SHA1
61b711c30f24edd5968ea91b1ac6305a61510744
-
SHA256
6f823967ec65f1f139f8e69bb27c1490eee3c4f323874e1f7686a869ef7b43dd
-
SHA512
95af4dc49db90c5dfc2f5f4fd4877cd56716762c9e1bb27bb9e56468d422a147107ebad1bef7b8cbcd0542a35cc93eb3451a6babe072474dfcf8b535d9d54dce
-
SSDEEP
3072:fMHPsiA/ixmIk+SHfFBeUKOhwePSNj6JM/99mywPoIlq:fMHPsiTx4+SHfFB3K1GSNUM/99mywPo1
Behavioral task
behavioral1
Sample
05d205b0556f0c9a9ab6ad99809d1328.elf
Resource
debian9-armhf-20221111-en
Malware Config
Extracted
mirai
CONDI
Targets
-
-
Target
05d205b0556f0c9a9ab6ad99809d1328.elf
-
Size
128KB
-
MD5
05d205b0556f0c9a9ab6ad99809d1328
-
SHA1
61b711c30f24edd5968ea91b1ac6305a61510744
-
SHA256
6f823967ec65f1f139f8e69bb27c1490eee3c4f323874e1f7686a869ef7b43dd
-
SHA512
95af4dc49db90c5dfc2f5f4fd4877cd56716762c9e1bb27bb9e56468d422a147107ebad1bef7b8cbcd0542a35cc93eb3451a6babe072474dfcf8b535d9d54dce
-
SSDEEP
3072:fMHPsiA/ixmIk+SHfFBeUKOhwePSNj6JM/99mywPoIlq:fMHPsiTx4+SHfFB3K1GSNUM/99mywPo1
Score9/10-
Contacts a large (50668) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-