General
-
Target
b93e12c3b04ce268766dcfb0ec916a7b28a3608773f378d07ab0184e7d6e2afe.elf
-
Size
155KB
-
Sample
240220-gns3wada36
-
MD5
8fdf47500c9dee0824a4e42cbca73109
-
SHA1
fa3a71afd0a3425b32d36dfe660e6d40f6e89f9d
-
SHA256
b93e12c3b04ce268766dcfb0ec916a7b28a3608773f378d07ab0184e7d6e2afe
-
SHA512
e56d72f0c744126b40760ce450f950211872f2394bd84b987e5f28f3cbffa0f36c6e4bd981dd87520f00e4879ad6c6bc5ff81de9fbcb2486bbbead275f2ba48d
-
SSDEEP
3072:B7esBFP23rWfOB7ZOOyGkWKmrThPaLEne7rNb:1euCloGkrmrThPaLEne7rNb
Malware Config
Targets
-
-
Target
b93e12c3b04ce268766dcfb0ec916a7b28a3608773f378d07ab0184e7d6e2afe.elf
-
Size
155KB
-
MD5
8fdf47500c9dee0824a4e42cbca73109
-
SHA1
fa3a71afd0a3425b32d36dfe660e6d40f6e89f9d
-
SHA256
b93e12c3b04ce268766dcfb0ec916a7b28a3608773f378d07ab0184e7d6e2afe
-
SHA512
e56d72f0c744126b40760ce450f950211872f2394bd84b987e5f28f3cbffa0f36c6e4bd981dd87520f00e4879ad6c6bc5ff81de9fbcb2486bbbead275f2ba48d
-
SSDEEP
3072:B7esBFP23rWfOB7ZOOyGkWKmrThPaLEne7rNb:1euCloGkrmrThPaLEne7rNb
Score7/10-
Changes its process name
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-