General
-
Target
c161f9d73ca2e53a130680b762579df5.elf
-
Size
139KB
-
Sample
240401-w5gthacc22
-
MD5
c161f9d73ca2e53a130680b762579df5
-
SHA1
ff2830f335be7d73692dff80072c46d9a244576b
-
SHA256
a9dbdd95ebd8c9e6fb7de29c21103ddba18a62f2393bfa7ba365a491e37b342a
-
SHA512
4b2ccdeb1b2e4235c175f4ef1a4054fd2c3449b03fdaa55c85fa92b2efefd68eb37b7c64222d3a43aefbbcefabf6ba487898b2a6931c67df1e2caf1462040269
-
SSDEEP
3072:Z41HOuaGVV3NfHUOjqyldqCw3jkmhxQwoVZUNu:Ze3aGVVdqyldq1jkmhxQwoVZUNu
Behavioral task
behavioral1
Sample
c161f9d73ca2e53a130680b762579df5.elf
Resource
debian9-armhf-20240226-en
Malware Config
Targets
-
-
Target
c161f9d73ca2e53a130680b762579df5.elf
-
Size
139KB
-
MD5
c161f9d73ca2e53a130680b762579df5
-
SHA1
ff2830f335be7d73692dff80072c46d9a244576b
-
SHA256
a9dbdd95ebd8c9e6fb7de29c21103ddba18a62f2393bfa7ba365a491e37b342a
-
SHA512
4b2ccdeb1b2e4235c175f4ef1a4054fd2c3449b03fdaa55c85fa92b2efefd68eb37b7c64222d3a43aefbbcefabf6ba487898b2a6931c67df1e2caf1462040269
-
SSDEEP
3072:Z41HOuaGVV3NfHUOjqyldqCw3jkmhxQwoVZUNu:Ze3aGVVdqyldq1jkmhxQwoVZUNu
Score7/10-
Changes its process name
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-