General
-
Target
da12ead92069e02db3b88d15ac2c2823.elf
-
Size
2.4MB
-
Sample
240305-2q4bvabf6w
-
MD5
da12ead92069e02db3b88d15ac2c2823
-
SHA1
297bf4ce9a344d6c27eba64bf1ddf2707567a2ef
-
SHA256
f4345a8c7f841767e5173140c8b57aedb4b9ad2333950341a37ffc2d1ed3f47a
-
SHA512
5769feee3276dbacae7a6711a7a5b7ddae425f689aa5655cb1bfb7dd4046a28ac075c807a8436a191542f97103c60ef42bcfd9110bb68a82891a2ab9b04cdd25
-
SSDEEP
49152:e5R845g7EfVpclzm6XRkQfqFWWrO7dE2UlFHuOqrJPLWziHTHpDj:eDqUpuzmiRFiXrWa2UlwrJWzGFj
Malware Config
Targets
-
-
Target
da12ead92069e02db3b88d15ac2c2823.elf
-
Size
2.4MB
-
MD5
da12ead92069e02db3b88d15ac2c2823
-
SHA1
297bf4ce9a344d6c27eba64bf1ddf2707567a2ef
-
SHA256
f4345a8c7f841767e5173140c8b57aedb4b9ad2333950341a37ffc2d1ed3f47a
-
SHA512
5769feee3276dbacae7a6711a7a5b7ddae425f689aa5655cb1bfb7dd4046a28ac075c807a8436a191542f97103c60ef42bcfd9110bb68a82891a2ab9b04cdd25
-
SSDEEP
49152:e5R845g7EfVpclzm6XRkQfqFWWrO7dE2UlFHuOqrJPLWziHTHpDj:eDqUpuzmiRFiXrWa2UlwrJWzGFj
Score10/10-
StealthWorker
StealthWorker is golang-based brute force malware.
-
Contacts a large (1984) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-