General
-
Target
2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d.elf
-
Size
75KB
-
Sample
241016-bpa1sszbpj
-
MD5
dc3cafd47c5abdd308278f115230e190
-
SHA1
961fb006e576b0102902ab00b566f99d22721731
-
SHA256
2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d
-
SHA512
5c5520390d6c27b862ee24802a18cb97c91cefa375550d54c172fe3595c5ad16136de63680b4c70c63f1aacfd731437f280234d7203232d9d00e2296ee331d95
-
SSDEEP
768:74lD94StFSr6pKjU0iUoDSPETSrywj3e7RCxykOVZA9cOqmWD/Y66ApXEk1nCtX:74d9li6pcfhEwywre7HJbDJNgtX
Static task
static1
Behavioral task
behavioral1
Sample
2341762800bbc7ae9e0a2856cd271ab63cd4d63948b3d1da64075af123f3c81d.elf
Resource
debian9-mipsbe-20240729-en
Malware Config
Targets
-
Score
7/10
-
Deletes system logs
Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-