General
-
Target
6d232ad69461b6bf73ffd6b69825ece6678462fb5eeed39da08b3839d2f052b7
-
Size
197KB
-
Sample
240818-xfp91s1gqr
-
MD5
8a5bddc9b0d4cad084c360ec50b587af
-
SHA1
e02e9015063ac7a068b40d775a66e56aaf85abfe
-
SHA256
6d232ad69461b6bf73ffd6b69825ece6678462fb5eeed39da08b3839d2f052b7
-
SHA512
d4f951a12f33b4b5112008559b7d9ae46796d4fc8bc2fe0c583893c0370b8a25cb071f3982c80279821d9c3ed9a146c552d95f4e2cd3064f5c757693d78a6aa7
-
SSDEEP
3072:4IQzCxHzdOaoUrFaW3VZXKeIvgY4M4dz12o+A:4IQ+xDouaW3LXKR+M4C
Malware Config
Targets
-
-
Target
6d232ad69461b6bf73ffd6b69825ece6678462fb5eeed39da08b3839d2f052b7
-
Size
197KB
-
MD5
8a5bddc9b0d4cad084c360ec50b587af
-
SHA1
e02e9015063ac7a068b40d775a66e56aaf85abfe
-
SHA256
6d232ad69461b6bf73ffd6b69825ece6678462fb5eeed39da08b3839d2f052b7
-
SHA512
d4f951a12f33b4b5112008559b7d9ae46796d4fc8bc2fe0c583893c0370b8a25cb071f3982c80279821d9c3ed9a146c552d95f4e2cd3064f5c757693d78a6aa7
-
SSDEEP
3072:4IQzCxHzdOaoUrFaW3VZXKeIvgY4M4dz12o+A:4IQ+xDouaW3LXKR+M4C
Score9/10-
Contacts a large (198822) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Writes file to system bin folder
-