General
Target: x86.elf
Size: 114KB
Sample: 230404-hn73gadd72
MD5: a51a9e6cb3be3542c29ae5cc9965537b
SHA1: 9f69f6ecde8de7f96ce99fab275d4da7d1293793
SHA256: ef7e1b0aa597afc2a7aec157a317a5048a4e712c19785a4345c05c50e8e637c4
SHA512: 9ea24c30353fc988f221b39cc27cced786fa224e3695e2b66a1119cab9f90c3083c25360ed9b2f1261e26a75e97837079a462f40d04da9430a0d23fd358a358b
SSDEEP: 3072:uirMUYZMo/QJLRZDsqtxqLX5I/uJioud2yd1m7FnVqfJXoebNb:SKo/O8qtUbKbbm7FnVqfJXoebNb

Behavioral task: behavioral1
Sample: x86.elf
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target: x86.elf
Score: 9/10

Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

Modifies hosts file
Adds to the hosts file used for mapping hosts to IP addresses.

Writes DNS configuration
Writes data to the DNS resolver config file.

Reads system routing table
Gets active network interfaces from the /proc virtual filesystem.

Reads system network configuration
Uses contents of the /proc filesystem to enumerate network settings.