Extracted

• • Target

    e1c30ba3e6d9e7de39a4b51091437486

  • Size

    64KB

  • MD5

    e1c30ba3e6d9e7de39a4b51091437486

  • SHA1

    ec06178111bb2450bee1153de802ff652a31281d

  • SHA256

    91cae68ca54ea551d6c307f0d03a23df50b4c370c2cb36904c95e24ecc2baa54

  • SHA512

    48cfa9e5c4d50b8f4ebec8bf9e109c343219631058faa848536cf3fde3339093e8158f00909380a93729bf023ce22e7c3eec7e7f6c05440e12e5ee3e4751fbda

  • SSDEEP

    1536:IEX9170vwHbQXZ5+qXDEuXi95TSW7V/DjObeFt6PuQ4Z7:d917iwHbQXZ5+qXA599SWZ/XObeb6GZZ

  Score

  9^/10

  discovery

  • Contacts a large (20145) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  behavioral1