General

  • Target

    3a60b343a45aedc4559c5a8f5da77941

  • Size

    50KB

  • Sample

    231219-2yjx6sbcg2

  • MD5

    3a60b343a45aedc4559c5a8f5da77941

  • SHA1

    fcb164288682d497aeacea6904e119644b148386

  • SHA256

    97962b5e3edb20c09f629604ecc93c23cb1552db1a225befb3af8d1a68609ef3

  • SHA512

    cd025a4fd8702efb6711bd0ab26d2c8255c2873249eb7ea04709b5dba65cbffb9ae19aa1b5d7671cf2c2cf85e5f447829965645ba9b5562da09dcbc297d3931a

  • SSDEEP

    768:5vsyJM2PQc2/D/SbnG6l5K6eDedFe+c3Z3BbXiTnMfXcVZxU:5vLMoC/T6lle4FVc3BnXux

Score
10/10

Targets

    Score
    9/10
    • Contacts a large (53248) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Writes file to system bin folder
