General
-
Target
8139f2232e56367d8dcbc322145c4a8a
-
Size
126KB
-
Sample
231220-d3936addh4
-
MD5
8139f2232e56367d8dcbc322145c4a8a
-
SHA1
cb9ba37028feb1f18b47da20eb9970d5b7eab290
-
SHA256
293aec58713759556e28dfbd1dfcf8e3961bb7bfc70f933192e353ee68c7b412
-
SHA512
6d80795505f109a96530dc1dbc1b0b98c812562451cb28fefe75bc352ad6784fa254e77a6b49b2c86a9a3210ff4ca0353a0cad8c7edc2458d59f0a9b85d89371
-
SSDEEP
3072:oY7KaBIKJ5sKRybR+ijPc33xDS/vmNKoVLWhxF25n:eKwb4GwYvmNKoVLWhxF25n
Behavioral task
behavioral1
Sample
8139f2232e56367d8dcbc322145c4a8a
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Targets
Score
9/10
-
Contacts a large (23679) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-