General
-
Target
0f7b17bf97934625dc72a0fbdca902ee.elf
-
Size
57KB
-
Sample
240331-hs7x9sff7s
-
MD5
0f7b17bf97934625dc72a0fbdca902ee
-
SHA1
b0a49e21b9f9566dfedead5d6e7a3df9839fea48
-
SHA256
401e8154f16267dd71e35c557662488b6cc3121d2a331579d9ce591ca034d1f9
-
SHA512
4102a10bd8b99a33ec105c895af3e714ed45ee708b8dcb9b02733becc18e4fd6db63eba14059813ede29809a6c46cc528a7bb8b457e19b52d66c63b10d0d078c
-
SSDEEP
1536:v0f5JN+LtFC7GXhEPsTe3HD/cR4jr2+/SH:v0BJN+LtA+hEPsqX7cAqv
Behavioral task
behavioral1
Sample
0f7b17bf97934625dc72a0fbdca902ee.elf
Resource
ubuntu2004-amd64-20240221-en
Malware Config
Extracted
mirai
giga.giganoob.ru
giga.giganoob.xyz
193.141.60.143
Targets
-
-
Target
0f7b17bf97934625dc72a0fbdca902ee.elf
-
Size
57KB
-
MD5
0f7b17bf97934625dc72a0fbdca902ee
-
SHA1
b0a49e21b9f9566dfedead5d6e7a3df9839fea48
-
SHA256
401e8154f16267dd71e35c557662488b6cc3121d2a331579d9ce591ca034d1f9
-
SHA512
4102a10bd8b99a33ec105c895af3e714ed45ee708b8dcb9b02733becc18e4fd6db63eba14059813ede29809a6c46cc528a7bb8b457e19b52d66c63b10d0d078c
-
SSDEEP
1536:v0f5JN+LtFC7GXhEPsTe3HD/cR4jr2+/SH:v0BJN+LtA+hEPsqX7cAqv
Score7/10-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Writes file to system bin folder
-