Extracted

• • Target

    c8533a5967594f8e6a6b2e1b8b0995f8

  • Size

    61KB

  • MD5

    c8533a5967594f8e6a6b2e1b8b0995f8

  • SHA1

    9cd1c754ecf3d561448d8980892e05d7722a312f

  • SHA256

    a16638a7a86a71e6958fe1453abe2da957a9d2ce55dc3ce83b7107485f27e468

  • SHA512

    2944eae5a47fd5207e2af34ad890a9f4ede18ba4fb96dc91fa56bd6ae60bfaa7f5872fa73e1b6f5188ab4e6beb88d8cb3621126d58ebf6231162ac6baee7749a

  • SSDEEP

    1536:cKqyu6GBlyt0ZPTJtmSWI/IEx0GHf3kd/Qoo/We:cKqx6GBl/5TJMSWI/IjGHfs4jOe

  Score

  9^/10

  discovery

  • Contacts a large (20641) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  behavioral1