General
-
Target
fb50e935c4b0f30acb213f29ecc21d8f.elf
-
Size
147KB
-
Sample
240403-hn8n1aah34
-
MD5
fb50e935c4b0f30acb213f29ecc21d8f
-
SHA1
5428c4d7d5d70de3ec7154c6335e3cf0bdda0998
-
SHA256
eccb34d778d503e77dcb70ab51c7c5cc68f486a55a9688c2da6f75cfa96e8f8c
-
SHA512
e2819034d953b79e5f96363cb27d93eaacf4185aa68f646517203e0822bf76c5db39a388f46bb79e5a3942d2bcd9fd3a7c3223016b1723684cca12431e3ba861
-
SSDEEP
3072:eJLce5p0VdCS0aCHbz4NvMLJF1IQ1FDEXMk/M/9gQkY:eJLcjt0aCHbz4N0LJPHDEXMcM/9TkY
Behavioral task
behavioral1
Sample
fb50e935c4b0f30acb213f29ecc21d8f.elf
Resource
debian9-armhf-20240226-en
Malware Config
Extracted
mirai
botnet.618389.com
Targets
-
-
Target
fb50e935c4b0f30acb213f29ecc21d8f.elf
-
Size
147KB
-
MD5
fb50e935c4b0f30acb213f29ecc21d8f
-
SHA1
5428c4d7d5d70de3ec7154c6335e3cf0bdda0998
-
SHA256
eccb34d778d503e77dcb70ab51c7c5cc68f486a55a9688c2da6f75cfa96e8f8c
-
SHA512
e2819034d953b79e5f96363cb27d93eaacf4185aa68f646517203e0822bf76c5db39a388f46bb79e5a3942d2bcd9fd3a7c3223016b1723684cca12431e3ba861
-
SSDEEP
3072:eJLce5p0VdCS0aCHbz4NvMLJF1IQ1FDEXMk/M/9gQkY:eJLcjt0aCHbz4N0LJPHDEXMcM/9TkY
Score9/10-
Contacts a large (37619) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Enumerates running processes
Discovers information about currently running processes on the system
-