General
Target: 1781c4dd5c063582c300199d65682610.elf
Size: 66KB
Sample: 231006-p6cgvadg55
MD5: 1781c4dd5c063582c300199d65682610
SHA1: b264e70554173efa162c066f86f290b4b498b6ec
SHA256: f3e4d3683fba9f4a2b9739cecc89bf4bf197793fc567532269873350cd728822
SHA512: 8d3cb45034cb76a7699f181c2864f373dc2f749ca8a588bd906c9bd3704313e88b8abed4c5376b245938e39ef1eeae064b6c9bf025ae2fc3a387aaac5eb5df8c
SSDEEP: 1536:Tfu73WGGE0DUm8lquk5t7wGmAQwM1CGD48/yUVj:6Z10DU3lqVgvANM8GD4HUV
Behavioral task: behavioral1
Sample: 1781c4dd5c063582c300199d65682610.elf
Resource: ubuntu1804-amd64-20230831-en
Malware Config
Targets
Target: 1781c4dd5c063582c300199d65682610.elf
Score: 9/10

Contacts a large (1008203) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.