General
Target: x86.elf
Size: 93KB
Sample: 241027-hxmswstkgw
MD5: bb9275394716c60d1941432c7085ca13
SHA1: 43f6e51ca69e70abb7d6cfd7f11f15df3fcc97cc
SHA256: 3c0eb5de2946c558159a6b6a656d463febee037c17a1f605330e601cfcd39615
SHA512: 047ec8451a8d35ac67c7ff26e145cfe5536d94ef1a7d280d2e70dc4c3ed7dfd1386a957e1b76f50c10429774df02964d48d50d6bb8debc2c9a3bcced833b125d
SSDEEP: 1536:lDVOLhrwmN92XVNbMxvk2bB3n2GNR9maOY7h8RGEhXXBP:9VO9v4vbMxvkEB3VNR9u4h8RGaxP
Behavioral task: behavioral1
Sample: x86.elf
Resource: ubuntu2204-amd64-20240611-en
Malware Config
Extracted
mirai
BOTNET
Targets
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Renames itself
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-