General
-
Target
8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95.elf
-
Size
122KB
-
Sample
240402-bmh9dscd4w
-
MD5
74ca17a962720262e4449302a1b295d7
-
SHA1
90e9582e7bd4b5766899957a8cb5975124ebac7a
-
SHA256
8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95
-
SHA512
cd2bb89b171c83f4f2491c05411b85b1c854b941922e119880a8400fcacd1178a2035786049f1db51327d0c5e266c5c5773ac91e7f4749c0db0edb1a0f50ca24
-
SSDEEP
3072:FDcYVLWKlAQTv+mYUbpl2m7/L7QsvmGugiNb:WYVxlAk9YUbH2m7/L7QsvmGugiNb
Behavioral task
behavioral1
Sample
8dba2039fd6f20170d4f1046a5a9d3413c58a657ce34658f5681e07296263d95.elf
Resource
debian9-armhf-20240226-en
Malware Config
Targets
Score
7/10
-
Changes its process name
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-