General
-
Target
b6556e6f0f2b0f1f5d0b401cbfc1520b.elf
-
Size
52KB
-
Sample
240510-jwjwaabg9y
-
MD5
b6556e6f0f2b0f1f5d0b401cbfc1520b
-
SHA1
d3f1a225c0d407bf08e12acfab20c59325f10bd2
-
SHA256
1355fb3c7924c6289f09b85a4094f469aa57ad9482465b54f80a5e3a9b11899a
-
SHA512
56d5b63a298589ce141918e4d2141f6151ee031f77694979d77571bef75b3cf28c96a9632cb180f6d6cb3079a2cc8e5af285dfb63b9929212ba0ae3a1e29be13
-
SSDEEP
768:+KXCCxb8IhdK4GrcvUmneUUOSyCX/GqiBJGuAHbADDDuRuUBVHPm89YiiL0mA3sN:+KSAhdk2UmeybqiyvbAD+RuBZwmLN
Static task
static1
Malware Config
Targets
-
Contacts a large number (1307566) of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large number of network flows
This may indicate a network scan to discover remotely running services.
-
Deletes system logs
Deletes a log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Writes file to system bin folder
-