General
Target: 3e0b0c2014e2bf86e328bb7011579aaa.bin
Size: 57KB
Sample: 230515-bldyaage3z
MD5: 184f37f72246e3e9104783b6fcdf1d61
SHA1: 46d990edbf62df4676ae6ab42188292b4dc6db49
SHA256: 3416c5d39dcb6f36924da5ce582eae00de311a15b21469f17855894b2c907dfb
SHA512: e00cdc6b718f99514c08a5ce49e813bd96746996f6516cda5f1e7c5d3d6801db4054ef5ee34f0d58d1e6df89d9e4fc8c4a52246ea3f0d3db38ab2066ce3c812e
SSDEEP: 1536:/ysyz54a09L60vNtwGQsMZR+h+YuAu4yLtrCrN5P:/ysyua0401f/MDR6yxCx5P
Malware Config
Targets
Target: 138a57ba868d36405d93bbb19061cdef1b2600f7e97eb46ac03441202ee5e211.elf
Size: 57KB
MD5: 3e0b0c2014e2bf86e328bb7011579aaa
SHA1: 5476315a86b12d0f6bd359212c8b631945fe6334
SHA256: 138a57ba868d36405d93bbb19061cdef1b2600f7e97eb46ac03441202ee5e211
SHA512: 284f3c6ee140d3fe976cc3fb7aa2a27a87b4d1b03349b9c2b26a9432d53913f9304019246aff6631d10201e67e14ae219991efad40c5edd35df7eb0d46ff805e
SSDEEP: 768:B5vZRCdVnbBTnBNXj6u/+e2cQKHsrjBpYyTVb7b79q3UELcnPFHbeNNjfNBTBO7K:B5v/sbBTBojXLRjf5VnWLc97eNZzIm
- Contacts a large (67805) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
- Changes its process name
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.