General
-
Target
1687583ec4f145c2801d0ee0f3356defb46f77464bb2fef1e846c20f9a69f88e.elf
-
Size
79KB
-
Sample
241016-blevkszakr
-
MD5
8c04529c402927bf0fda3fed4dcf4471
-
SHA1
8a69da19370f97d97e918c5bc87900fe43110d43
-
SHA256
1687583ec4f145c2801d0ee0f3356defb46f77464bb2fef1e846c20f9a69f88e
-
SHA512
b61d83e8abaaa3319edec56c2ca16a43eba77c882de9461076af39ef0a2065a46c43912fa6e295d4fadce2a77c83de7dc93cb879ef7607bfe370781bfac15c06
-
SSDEEP
1536:M48sxHfoFQadYNnTjZXH7+tFQw3RI24ZSg7it/3:M1qfoFQAYFTjtSRi+/
Static task
static1
Behavioral task
behavioral1
Sample
1687583ec4f145c2801d0ee0f3356defb46f77464bb2fef1e846c20f9a69f88e.elf
Resource
debian12-mipsel-20240221-en
Malware Config
Targets
-
Target
1687583ec4f145c2801d0ee0f3356defb46f77464bb2fef1e846c20f9a69f88e.elf
-
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-