General
Target: 4cf4d8aa4992bc863c60958527dde6017082bd8f2bf079cb5e3b8b46fafd6a7f.elf
Size: 75KB
Sample: 241016-b3p2waweqc
MD5: ebfbef41fdd3eb0d34f7c20144f1059d
SHA1: 50d07cc2ef13b5076e70ff391a993b8bb65e5540
SHA256: 4cf4d8aa4992bc863c60958527dde6017082bd8f2bf079cb5e3b8b46fafd6a7f
SHA512: b802754198ac82d0f6048d8505e31843e80e507de88869cac460b5d39e550e6930de3e4c6782a740f5ab769ba703e66734c2f747b6534b82fcce642278a5afa7
SSDEEP: 1536:qInpqUVsDSt2FOB25/rExt9KhWL9iIm3405SdelvcispXIj:7XVs+tI5/gjL9iIm340PipX2
Static task
static1
Behavioral task
behavioral1
Sample
4cf4d8aa4992bc863c60958527dde6017082bd8f2bf079cb5e3b8b46fafd6a7f.elf
Resource
debian9-armhf-20240611-en
Malware Config
Targets
Target
4cf4d8aa4992bc863c60958527dde6017082bd8f2bf079cb5e3b8b46fafd6a7f.elf
Score 7/10
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-