General
Target: 8cc0cdf62fc99a47b520924c39b869ab.bin
Size: 49KB
Sample: 240409-b4nv7sae27
MD5: 72411ec46e5f5397866197c91590596b
SHA1: 5a10404edcc97f7250716b0b310c366b4e1d4dca
SHA256: 8aeee5495effdaae5da01d15cbab938645735855c9678eaeb49c5294f8c6150b
SHA512: def61e283d9c663c7535b0b5d77f8fb1e0a40a3903abc974455e5606e979125e7f2ad2100d596e74acae885afe668552f4d43fc6afab34c8bc6167d2534c0d28
SSDEEP: 768:AcCwWXfQTwV1oVT+/jmGsqt8EG01fylEmta8qGmHB0JpcZuj4vTG9Bt9YYoduZ:AS5eKa/JsvEG0UthlmHB03Ww4vqd9adQ
Static task: static1
Behavioral task: behavioral1
Sample: adefd6b37ee3dc189916368a6070f1e6cc1480b4564c8ffcbc23d714cfeabc54.elf
Resource: ubuntu2004-amd64-20240221-en
Malware Config
Targets
Target: adefd6b37ee3dc189916368a6070f1e6cc1480b4564c8ffcbc23d714cfeabc54.elf
Size: 109KB
MD5: 8cc0cdf62fc99a47b520924c39b869ab
SHA1: f822213efb7a389ccff9e24d5120eb9555693c54
SHA256: adefd6b37ee3dc189916368a6070f1e6cc1480b4564c8ffcbc23d714cfeabc54
SHA512: dcbd8fbf8274308555b1806ca496490c9b05d43069e1ae0f0c2ba0a6cb2d9ab2c83f49d6fc5dcc2cb5ca4118fc2b3678613ffd9513a34a3ba8b359575fe3c8f5
SSDEEP: 1536:MDT1HnGuT9ZplJsQd6T1kRezWxNTnMGAZPHIFbsSPrg7x83zR:MDMC9Zj5i1aPxhnMNZfIJg63zR
Score: 9/10

Contacts a large (38144) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Deletes itself

Traces itself
Traces itself to prevent debugging attempts

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Enumerates running processes
Discovers information about currently running processes on the system