General
-
Target
586e95902ff3a186171545993624bd9f45ce3762297f03c2a0d5cbf56c92512d.elf
-
Size
71KB
-
Sample
241014-ncawgsydlk
-
MD5
ec83f911eebf2d2118bb19520d15da62
-
SHA1
534bd3c76a8167a14ed755972c90627c1b0b3aca
-
SHA256
586e95902ff3a186171545993624bd9f45ce3762297f03c2a0d5cbf56c92512d
-
SHA512
a9ff542044c9f34c48155497a0bfd0c308f1cb200afb2fd08f980b9d002dd6f94840d2c65c5d681cbb69c5e3b172e7428ef216aa1f02385449502962ed642669
-
SSDEEP
768:yvSzPA7eNo1Sd7mSbX7VNwz4qsrVybz9SBtJAAcpyP0Z8lkT6Q8Ke/mfolSX0CZT:yvSzP3NFZX7VsKk39sDAAcv9L3yqP0fg
Static task
static1
Behavioral task
behavioral1
Sample
586e95902ff3a186171545993624bd9f45ce3762297f03c2a0d5cbf56c92512d.elf
Resource
debian9-mipsbe-20240611-en
Malware Config
Targets
-
-
Target
586e95902ff3a186171545993624bd9f45ce3762297f03c2a0d5cbf56c92512d.elf
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-