General
Target: jade.mips.elf
Size: 140KB
Sample: 240821-qrvkjs1bpa
MD5: e2cb67fdc214be07e95c936c47fcb92a
SHA1: b0dbc592fcfb9c70ee06bc004a2dd9c01da500ad
SHA256: 68ee723f8a812a0712cc4b58830e5138bdded389d3f62a8e13dda881cd2d4eda
SHA512: 129412a0c621f76bcc1e32cbe6dbe314b99bdd365e4d0b17f7744d2f550e6430f4896e747794ece88b1b9f56c411ad847c19ab52610de9dad56a4d9e944dc807
SSDEEP: 3072:jw0VJD/eGdUAHj11b68XD4QJkY7Zozo9Rc431abeZiNL/43P:jw0VJD/eGdUAHj11b68XD4QJkY7Z59RJ
Behavioral task: behavioral1
Sample: jade.mips.elf
Resource: debian9-mipsbe-20240611-en
Malware Config
Targets
Target: jade.mips.elf
Score: 9/10

Contacts a large (218841) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.