Extracted

• • Target

    cc46e0e3cb1c3577c49d448cbf04ca13.elf

  • Size

    223KB

  • MD5

    cc46e0e3cb1c3577c49d448cbf04ca13

  • SHA1

    6e306a5b682b520c2a5941a50034086882c87027

  • SHA256

    9d053c5fb34f80031ba2d14f188c979b344d291b618c32613106e635beca5dc0

  • SHA512

    d669f30d095192357c399440e9b5d96e07766ff2d5e484588be895929abb0d4aabdf9133e9872f8edc251a93588a6ea41422125d1ea9ce9e705ee6024523e4ae

  • SSDEEP

    3072:xLN858hbjP7HlEfY3MI3GxJyQdaqOCaqalDgD92bx7BLZXeDe+IpexHEr07mBzr4:QlYckGx8QaHC2+Do5Xe6w7mBzrZjHET

  Score

  7^/10

  discoverypersistence

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    persistence
  behavioral1