General
-
Target
46ecc3fac7044806c22e833d8d32123153fc9f5622631fee95343cdde12235a9.elf
-
Size
77KB
-
Sample
241014-m5xqaaycpq
-
MD5
1119e6a7b6796eaa2c8aba1d8c1c6a2a
-
SHA1
849a3887e367533e95c0e5b465d3dbfef62607b4
-
SHA256
46ecc3fac7044806c22e833d8d32123153fc9f5622631fee95343cdde12235a9
-
SHA512
045cd1b5ef1e36c52a6c8ece14c25026ed436132428932299e75e8e6ebe80df88657378e9bb25092557bbf239029d7430964e6911d45c140c28338562a9910c1
-
SSDEEP
1536:PknsxDrhAt4SkfcEReqtWuNYjNBRWHVBUa+ljFioMT0wckut:fJrhAtYfICWuNYjNBRWHVwTMTFHut
Static task
static1
Behavioral task
behavioral1
Sample
46ecc3fac7044806c22e833d8d32123153fc9f5622631fee95343cdde12235a9.elf
Resource
debian12-armhf-20240729-en
Malware Config
Targets
Target
46ecc3fac7044806c22e833d8d32123153fc9f5622631fee95343cdde12235a9.elf
-
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Renames itself
-
Reads process memory
Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-