General
-
Target
arm4-20240706-0316.elf
-
Size
65KB
-
Sample
240706-ds2n2athnr
-
MD5
8eb3f9fd0821ec7676448d4e5c417df3
-
SHA1
2dac2708cbdc188ef3cfa881f02c1467825fe0d9
-
SHA256
f3d8bc4b5c3dc2b7bd4df079aad66f146c73b34dbfca3412be17016aeeea547e
-
SHA512
f256b4a506e2dee9310eaa466a1432378a1819b3043d6af7829217d079ba55ec092e048d85a82d037bf1b3103150aa087c2db87688014afcb605f68cba9cf630
-
SSDEEP
1536:t5akHBIPK02c2+u7tqd+CE39QXfUR3Lpga9UnDeuDyl+faXz2UURCyZQQkjBbti:3Hyn23+uRqEC5fELSa9CWPaUURx1kjFg
Malware Config
Extracted
mirai
BOTNET
scan.yerco.xyz
Targets
-
Contacts a large (209670) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic on the DNS port was detected going to servers other than the configured DNS servers.
-
Writes file to system bin folder
-