General

  • Target

    a5022b514068631b1d727def5eb12e5f

  • Size

    48KB

  • Sample

    231220-mq9rasahhj

  • MD5

    a5022b514068631b1d727def5eb12e5f

  • SHA1

    c45cf569b01421df8a522ff19709c2a706f8999f

  • SHA256

    b0315c7d4cc19df5041231f57db265cca8a8ad609c78857cfc0b47af5025bf59

  • SHA512

    06653b1ea92de29dcfa37b8c0b4430c8c1d0261c4280e343efe6a5db102a35d51b82e73726e982f836212da0e20a60aa7f90122e1ab66c776b543943002f1537

  • SSDEEP

    768:7YeFRRiyMTlm5mbCreWUjCGf6aXY0rmpRYrkPl0cP4iEN8mHjUoSEg6Q8I1UQ:7YA5+CrRU2q5Xr4aQENzIoSEjQ8I1UQ

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    APEP

Targets

    Score
    9/10
    • Contacts a large (218277) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
