General
Target: 85.239.34.237-mips-2024-07-17T210915.elf
Size: 193KB
Sample: 240717-w8wrtsxajg
MD5: 08b3002d9c162675f471ab4763b23b36
SHA1: f5eeb90bec4cde14b8b2d75d93e45477b4725514
SHA256: cbb23949b84aa62946c11b56d78afc437ae26fd8d2fc3e282d581f3b81d5aef6
SHA512: d3c512558ab1d40dfdc105accea258228ba12b4d5c0455e6bbf130de261b75179e73d891c78609f95ebc47f4cbbcb08abe282f8f5b6a6724e41a5fb61d03cf6d
SSDEEP: 3072:Amh9xAUoIZuoQB1i6HsxZanjgMtik8uXSizBP5:AmhLAUMbB1CUEMv8oSqP5
Behavioral task
behavioral1
Sample: 85.239.34.237-mips-2024-07-17T210915.elf
Resource: debian9-mipsbe-20240418-en
Malware Config
Targets
Score: 9/10

Contacts a large (1705162) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Writes file to system bin folder