General

  • Target

    90a81d803c6832ae60178a154bd6f43d

  • Size

    199KB

  • Sample

    231220-jjbddaaagl

  • MD5

    90a81d803c6832ae60178a154bd6f43d

  • SHA1

    92ea96707307f385e9b84fe62dbb9e01765e2f03

  • SHA256

    32b8eebad6ab0cc73b22508c067515eb2e88a4f5f8fe0f95cc6fb10de72b788b

  • SHA512

    a34bf59dfc5b887f9fb19ee84cfefed144930e1fe0ef68ed41e1a3db0f5c5cd1794e7e6ae100e3443b609eea7bd35e30306ba8478488b2442b5c3e7cea448df1

  • SSDEEP

    3072:ilU6n7thBIoS7C3o/9IWdaARzHSPmDDTlPWDyaejZh:SU4VaCa9IWzRMmDDTlPWDyaejZh

Score
10/10

Targets

    • Target

      90a81d803c6832ae60178a154bd6f43d

    Score
    9/10

    • Contacts a large (46223) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
