General
-
Target
35ccf25e8a030b10ec1031e39edf2f19.elf
-
Size
97KB
-
Sample
230516-erc5qahh6v
-
MD5
35ccf25e8a030b10ec1031e39edf2f19
-
SHA1
a28f69f7d2bee281a507dd2bc7dadb3e16ff4c9b
-
SHA256
3200f00358e53603e44a0a1231bb167f35bec2bd703b36a4ca36e6dcac10546e
-
SHA512
2fe8fd4ee3340d8ab265c9992047a2f17dfd08c61f8cc40a11ed2a5b56499cca51a67b589a5aa457145930586df7b7df47fd13c61a33b6bf6d0125cc27405027
-
SSDEEP
3072:VK1z13U6HzHoXRtmTUhQogkEmmFVcqq0GnDZT:VK7DDeKlogkEmmFVcqq0GnDZT
Behavioral task
behavioral1
Sample
35ccf25e8a030b10ec1031e39edf2f19.elf
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Targets
Score
9/10
-
Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Changes its process name
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-