General
Target: SecuriteInfo.com.Heur.20230513223225134795345.elf
Size: 33KB
Sample: 230513-2dmhkabh2t
MD5: 90c62ced3946ffc2d5bb8a4c79b1abd3
SHA1: ce482af58a7f1e9b4aba5da412482f06b704e452
SHA256: 457959a9c1876b4221c425248be1e3d378accf16e550417b2b704a06e3165e40
SHA512: a6e9a110f64b677365e724b4cd532dc912519d5b1214172eea16819599fae8624fa956ef291800d639760d5bb7f710555574c4b61edc1db3b6b893c36f3eea41
SSDEEP: 768:uKe7RhDec/rWibTZXJ05bgt/Spjr2mKtgcQk//xJgGlzDpbuR1J2:ohCc/KiXYbgYOv//DVJu8
Malware Config
Targets

Contacts a large number (69596) of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large number of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Enumerates active TCP sockets
Gets active TCP sockets from the /proc virtual filesystem.

Reads system network configuration
Uses contents of the /proc filesystem to enumerate network settings.

Reads runtime system information
Reads data from the /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.