General
-
Target
ed053f7989c52ff8138a36ad959500bb01cd9dcadfdce5c5033a1d7698c06818.elf
-
Size
75KB
-
Sample
241014-psvq9swana
-
MD5
d633c03b2d4ba9af334aa99654ea273f
-
SHA1
578afe2aaa0c7195f1f7fa698a5f989802293dac
-
SHA256
ed053f7989c52ff8138a36ad959500bb01cd9dcadfdce5c5033a1d7698c06818
-
SHA512
900b2da50ddcbc4a059c53a3427a16af983a4c7f7f986fd2adc352640d05bcc330cfbfbe25dc24b0f2525d2ac907ad0fbc8369a59ed2b06794b6e60b3e01b19d
-
SSDEEP
768:h4IG9ZPvS5uHSXirhev0vJxFcMfeeBsmDNWggyY0IiWzzp9nvRd0xlsFnsaqI:h4IG9U7irhepMmeimDjcVznncsFsrI
Static task
static1
Behavioral task
behavioral1
Sample
ed053f7989c52ff8138a36ad959500bb01cd9dcadfdce5c5033a1d7698c06818.elf
Resource
debian9-mipsbe-20240729-en
Malware Config
Targets
-
-
Target
ed053f7989c52ff8138a36ad959500bb01cd9dcadfdce5c5033a1d7698c06818.elf
-
Score
7/10
-
Deletes system logs
Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic on the DNS port to servers other than the configured DNS servers was detected.
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-