General
-
Target
b04b96ac6e8c35c9292f72995da85fbbec500de6f322625aea2e726ff3ed36a0.elf
-
Size
67KB
-
Sample
240423-b4nv7sbb53
-
MD5
4a720ce186ce84344d293eec98cedc3b
-
SHA1
793839296872c384d3e36aeb7ac842161932dd98
-
SHA256
b04b96ac6e8c35c9292f72995da85fbbec500de6f322625aea2e726ff3ed36a0
-
SHA512
0cb1edd1ff6ddba105266322e02d68dcc4d1bd3d7e2ec77cad699d47bd862bfc363dd4f1df8ad276aff351e3b05751e54cb15ab73993df55c72edf7f56d66d6b
-
SSDEEP
1536:/xPrSYCpzLm+V0X6Bv7OKOfsxJ0BP2z8blulNj3iARPnI9FtR:pGPpz/SJ/BBmClyVil9jR
Behavioral task
behavioral1
Sample
b04b96ac6e8c35c9292f72995da85fbbec500de6f322625aea2e726ff3ed36a0.elf
Resource
debian9-armhf-20240226-en
Malware Config
Extracted
mirai
UNSTABLE
jswl.bzwl888.sbs
Targets
-
-
Target
b04b96ac6e8c35c9292f72995da85fbbec500de6f322625aea2e726ff3ed36a0.elf
-
Size
67KB
-
MD5
4a720ce186ce84344d293eec98cedc3b
-
SHA1
793839296872c384d3e36aeb7ac842161932dd98
-
SHA256
b04b96ac6e8c35c9292f72995da85fbbec500de6f322625aea2e726ff3ed36a0
-
SHA512
0cb1edd1ff6ddba105266322e02d68dcc4d1bd3d7e2ec77cad699d47bd862bfc363dd4f1df8ad276aff351e3b05751e54cb15ab73993df55c72edf7f56d66d6b
-
SSDEEP
1536:/xPrSYCpzLm+V0X6Bv7OKOfsxJ0BP2z8blulNj3iARPnI9FtR:pGPpz/SJ/BBmClyVil9jR
Score10/10-
Contacts a large (214556) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-