General
-
Target
f9f851f1843523440a5ac59963f541cb.elf
-
Size
90KB
-
Sample
240331-hn73gagb75
-
MD5
f9f851f1843523440a5ac59963f541cb
-
SHA1
a9182ec67d38a1c2010ff111e29777c0fd673501
-
SHA256
b0bf755330dd760ec2a341b73a185e8859c16da6957115889866d40f5e4c1571
-
SHA512
cf23e4e5fbf517338802d3a18f3dceebc5d9d5eabb1644a50ae987993ef03c3fcd9297f9715fe67b45055e8038ae4202bcc77c40d032919ae17e4fbca9ebaefa
-
SSDEEP
1536:7Vtl7c+XdPHHiKbEyIhpQVd1dgqjXgZV0xh/MIZVWB0v2YA453uI:7VtVXdPHCKbEenjXg1Io5453
Behavioral task
behavioral1
Sample
f9f851f1843523440a5ac59963f541cb.elf
Resource
debian9-mipsel-20240226-en
Malware Config
Extracted
mirai
giga.giganoob.xyz
Targets
-
-
Target
f9f851f1843523440a5ac59963f541cb.elf
-
Size
90KB
-
MD5
f9f851f1843523440a5ac59963f541cb
-
SHA1
a9182ec67d38a1c2010ff111e29777c0fd673501
-
SHA256
b0bf755330dd760ec2a341b73a185e8859c16da6957115889866d40f5e4c1571
-
SHA512
cf23e4e5fbf517338802d3a18f3dceebc5d9d5eabb1644a50ae987993ef03c3fcd9297f9715fe67b45055e8038ae4202bcc77c40d032919ae17e4fbca9ebaefa
-
SSDEEP
1536:7Vtl7c+XdPHHiKbEyIhpQVd1dgqjXgZV0xh/MIZVWB0v2YA453uI:7VtVXdPHCKbEenjXg1Io5453
Score7/10-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Writes file to system bin folder
-