General
-
Target
9a4b31bbe2531de5ee31762e22460094.bin
-
Size
280KB
-
Sample
240426-bwpsjagh7x
-
MD5
ec03040432e61eada66721d19d6e1897
-
SHA1
c95dc25f75b2aeae260c3f4ff7a9329194fd21c4
-
SHA256
cedacd0c21a258f40705210909c6521346e53b62fed98272ddd097da0cdba14c
-
SHA512
60ce2d1550c1300aa3f757b312df513292a61050cc20fcb59af69b5ae631ddf7f303e596b7053591c59ced23a74f912fb94992dca159e4b7ea9696369c89e538
-
SSDEEP
6144:ZdzBWhn6WQsMknRrUT6jMGBpr8hPI8bANlfxJ0nIigQaSMfsDc:ZrWhnNQUnRm+MMpyITxJt9f
Static task
static1
Behavioral task
behavioral1
Sample
c9e62e041871b6a8be78ea685ec57d50e6b7006955cd2268c5413828958aa2fe.elf
Resource
debian9-mipsel-20240226-en
Malware Config
Targets
-
-
Target
c9e62e041871b6a8be78ea685ec57d50e6b7006955cd2268c5413828958aa2fe.elf
-
Size
289KB
-
MD5
9a4b31bbe2531de5ee31762e22460094
-
SHA1
6eb94df6023a850fb70c0719428740407015712f
-
SHA256
c9e62e041871b6a8be78ea685ec57d50e6b7006955cd2268c5413828958aa2fe
-
SHA512
65520bbb27c904b72df3b297aa65c18f4dbff873783d4b76d337127b7d5f6a71aeb39a0b24cba37f5967696cd8a2412092ffe87f98f9ed6b6905432c6786ae4d
-
SSDEEP
6144:0CoLeDTk3CYqDzEme/kfiRyM5Xe4DyOGBa8BRJJRIKcz35ILIt:0CzHk3LqX5wkfiRvXeoYjGma
Score10/10-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Writes file to system bin folder
-