General
- Target: 9c92cc02e440c3c6f3d245f3b1aa56d8.bin
- Size: 32KB
- Sample: 230515-b19y9sec75
- MD5: 6b2392c0e861e752912fc11d0c42649b
- SHA1: a912d57e26a0504d2eb283a7c4d023b6d803715b
- SHA256: c8fe6eb9fe0c8cd5c376396531fa7df682d22ecdc3a4248c683aa882b6831014
- SHA512: 8fb869da054fbe225d55cf5a4104e091402ec759a9f68637bd842596d8802ffdc42ed87bf0ad4f7c7858df83fe392cc557c04a343a15a1fa281a53c24ab99f49
- SSDEEP: 768:iZszyKrYPFqKeXHxrcTETXInfhaflu9Vgj+lVWhSFrDXAj:wJPFzeX6xhaduUj+lVUShLW
Malware Config
Targets
- Target: 9a5fba136d9c99bfa3edb2484774a8fc265468a2de4b5b5cdb525fb601979fe0.elf
- Size: 32KB
- MD5: 9c92cc02e440c3c6f3d245f3b1aa56d8
- SHA1: 6d61d673203bdbf1694fb124356406a982397522
- SHA256: 9a5fba136d9c99bfa3edb2484774a8fc265468a2de4b5b5cdb525fb601979fe0
- SHA512: d8b709cca7c37a9c44c98ab6ac7223cb0d92b8f32913befa330f2f749580b318826e6f25fd8f584a21b444b59ef4eeda63d8e6626f9df5f325187508ac9b5edb
- SSDEEP: 768:pkutC5wgrj7VQjWT2FCBwZ2i2g3GGGzJgCx8yljQ8tkcdDyis9:1U3hwWzyZ2i26bG1CyljZtklH9
- Contacts a large (74467) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
- Changes its process name
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
-