General
-
Target
1551-1-0x0000000008048000-0x0000000008067de0-memory.dmp
-
Size
68KB
-
Sample
240212-we1hxsag3x
-
MD5
f423f4b746bb8e94cc736adeb055ec2a
-
SHA1
9e59ee37f7d88c575577a4d234e53c11a1359bce
-
SHA256
785a72bba6f2790cb3046c24ad3df583b4d04d2a583545b19bee5150144a4980
-
SHA512
458c1030d155448a90f9712462b55a58b4ed14d43ab9c5595348e413c4687d207f6444e8b6c7cf9557a65ba1a3331de00ec3848ebb6ea38c3075c039198c0b23
-
SSDEEP
1536:4WLpwIfsfbIPuq2YMmhM9jZZmon3eQIZcW2K2FnBv1fY/IoxkPA:4WLpjfsfkP2ChC9ZGVB2tB9fqna4
Malware Config
Targets
-
-
Target
1551-1-0x0000000008048000-0x0000000008067de0-memory.dmp
-
Size
68KB
-
MD5
f423f4b746bb8e94cc736adeb055ec2a
-
SHA1
9e59ee37f7d88c575577a4d234e53c11a1359bce
-
SHA256
785a72bba6f2790cb3046c24ad3df583b4d04d2a583545b19bee5150144a4980
-
SHA512
458c1030d155448a90f9712462b55a58b4ed14d43ab9c5595348e413c4687d207f6444e8b6c7cf9557a65ba1a3331de00ec3848ebb6ea38c3075c039198c0b23
-
SSDEEP
1536:4WLpwIfsfbIPuq2YMmhM9jZZmon3eQIZcW2K2FnBv1fY/IoxkPA:4WLpjfsfkP2ChC9ZGVB2tB9fqna4
Score9/10-
Contacts a large (75732) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Deletes Audit logs
Deletes logs related to the Linux Audit framework.
-
Deletes itself
-
Deletes journal logs
Deletes systemd journal logs. Likely to evade detection.
-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-