Extracted

• • Target

    189ecaf8d05dfc121a4e1d935ddfde1f

  • Size

    97KB

  • MD5

    189ecaf8d05dfc121a4e1d935ddfde1f

  • SHA1

    d2f55930f22dc22f3244c107c8c4fbac116f76ac

  • SHA256

    46c1e310ac24842849d59e1e6f2419d6f2a90f16191ad322fed0c3288ccb3ddc

  • SHA512

    e623a47f1f11ac125347d0011385a7604aa9aa1af78b71234f0a212bda4c8539c7b3dcc898703c224de171d951da2f20388da8b6de56072ad7bd6b91ba3096d7

  • SSDEEP

    1536:PxOTCEsIi+2J7R8ZkZXzQ9XUVfNhwXVePhzY0JTCU9A0ExVO5IgSS45oK69eZWKd:PxJEsZ+2NBPJCOjMVKwvoYxN

  Score

  9^/10

  discovery

  • Contacts a large (264583) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  behavioral1