General
-
Target
95.214.27.186-x86-2024-07-07T071212.elf
-
Size
45KB
-
Sample
240709-f79z3azhqh
-
MD5
63d962b7db2ea4cd8ddadbe5c1aeb74b
-
SHA1
6dab277e69df2a231faa2d387d304e26b86ba5ea
-
SHA256
6a2cee1d5692d5c3976e68d8e3b80f669f95ee3f6133aca7c9036fce05daea75
-
SHA512
7768a8b2ec2c528d22e0c41b30c36c73cc9939b8b9641211b0a6da8bf1dffa340c927489b12a5761417a37cae1a61f5c48735ede042443741386fa2e8d5f0a5a
-
SSDEEP
768:Yk/rjSNwLGBs80WEJ5noXR83sjYQ9c8hwf8Se3WEmI3EV:Yk/rjSNwLGBzFE6kQHhwi3WbI3E
Behavioral task
behavioral1
Sample
95.214.27.186-x86-2024-07-07T071212.elf
Resource
ubuntu2204-amd64-20240522.1-en
Malware Config
Targets
Target
95.214.27.186-x86-2024-07-07T071212.elf
-
Score
9/10
-
Contacts a large (134735) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Enumerates running processes
Discovers information about currently running processes on the system
-