General
Target: bef5663c3dcfbc3e1866bcf74f3f7516.elf
Size: 70KB
Sample: 240331-hj77nsga95
MD5: bef5663c3dcfbc3e1866bcf74f3f7516
SHA1: 0edfb6350c07e8f5b5f5984785b9e13dc644b3a5
SHA256: c78ccfaed2521b5bd28ab2734dca7b5aae28cd2657f945b2ad1997c500d2d849
SHA512: da11e67633e6512d11611ebb6ee4f3ef7a4cec7e9329f1f3072256e194a11f88acbadb256855e937097a21568b6eae1b9f5c45a8fb131cb05072b6afb14c7619
SSDEEP: 1536:/NgPoiiWrhOlSuqLb4+3BpHISQaCOqCQIxXrFvM:/NgPsZxq/42pHIB/ABM
Behavioral task: behavioral1
Sample: bef5663c3dcfbc3e1866bcf74f3f7516.elf
Resource: debian9-armhf-20240226-en
Malware Config
Extracted
mirai
giga.giganoob.xyz
Targets
Score: 7/10
- Changes its process name
- Modifies Watchdog functionality: Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
- Checks CPU configuration: Checks CPU information that indicates whether the system is a virtual machine.
- Writes file to system bin folder