General
-
Target
d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a.rar
-
Size
82KB
-
Sample
240416-lnrx2agd6t
-
MD5
5aa397f1f1413aadcf22aa5d23c4f32f
-
SHA1
d199c2c7e4c1e0d0930361ef6afb9c221b873573
-
SHA256
56e20e1156cda633f1d623b4c6ff3cb709c92cc2c0e0a81a3ec0b97643658cd6
-
SHA512
23a7b97cda4e33dd49f068a4e76e5e24cc64a433e4242858694102102a444a276c468271017ddbcb57a1913cd7d0cec1af655dfefe1fb7fadc36a5c83517e41b
-
SSDEEP
1536:H+rk9CITlSHUedZifzmpXeZBIit3Bx+WWAbcAisSx5d6fGEmx0m94us6:vLTQ3s6pXeZz3Bx+fZN6uas4C
Static task
static1
Behavioral task
behavioral1
Sample
d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a
Resource
debian12-mipsel-20240221-en
Malware Config
Targets
-
-
Target
d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a
-
Size
83KB
-
MD5
b8ed2cb3e9fedec5b164ce84ad5a08d0
-
SHA1
b45ef9ad0a29b0a402d1613b10c3f6e95686230c
-
SHA256
d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a
-
SHA512
98aa6abf6bc6b27ea2833122c468e436c267ef40c5ecbbd6446174d0859920e7b7bbcec617e12d7aa9e89e0492e5dcf4cf49a6208e7252fd0619047818454a31
-
SSDEEP
1536:m3LqE6rUQWzVQR7iAGEcUT5PIi7pLqBNs4LOjcwf4nB6XuzGNy+iSc7tNUZM:mOE6PWo1T5bz4LVMXuzVNScWM
Score7/10-
Changes its process name
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-