General
-
Target
SecuriteInfo.com.Linux.Siggen.9999.10949.15787.elf
-
Size
42KB
-
Sample
240423-bwt29aah79
-
MD5
93c9ffb7a705f30be9f12d8d1bed6d91
-
SHA1
1d86917cc58aeaaaf50039bb18f98bc4fcad87cf
-
SHA256
29213fd7a918cf8ca8952f78ea82c0b098426676f0c302883f1206117406bfae
-
SHA512
cd7cef161103d467b963da63ead451836eeabb698d34d7137a8795b6a8ff351d4f2876cf6b7c3470c02a7152fa3f3a5fe56298af1b3508e96ed4038cdbbdef21
-
SSDEEP
768:GSFpc0Z5RazniRDBcTdLszC2ScaE2BKhrA7t8wjxW9exJgGlzDpUYs5:3cwazUW1E2AtA7iwN+qVqYm
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Linux.Siggen.9999.10949.15787.elf
Resource
debian9-mipsbe-20240226-en
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
-
Target
SecuriteInfo.com.Linux.Siggen.9999.10949.15787.elf
-
Size
42KB
-
MD5
93c9ffb7a705f30be9f12d8d1bed6d91
-
SHA1
1d86917cc58aeaaaf50039bb18f98bc4fcad87cf
-
SHA256
29213fd7a918cf8ca8952f78ea82c0b098426676f0c302883f1206117406bfae
-
SHA512
cd7cef161103d467b963da63ead451836eeabb698d34d7137a8795b6a8ff351d4f2876cf6b7c3470c02a7152fa3f3a5fe56298af1b3508e96ed4038cdbbdef21
-
SSDEEP
768:GSFpc0Z5RazniRDBcTdLszC2ScaE2BKhrA7t8wjxW9exJgGlzDpUYs5:3cwazUW1E2AtA7iwN+qVqYm
Score10/10-
Contacts a large (219434) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-