General
-
Target
d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866.elf
-
Size
58KB
-
Sample
241112-qdvcmatbqq
-
MD5
15002dd354fe9805a35c818e599cd195
-
SHA1
87ecc7e747938a21b6d97a8bbbe0929ae1fe1ebd
-
SHA256
d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866
-
SHA512
68dfc26bab44c722982c39db51604bda04972f64a3ebac4ed29ec4da20c9ad265c2e7c62d26dd64cc67b115f4b9bc9d9cdf0743d36e74294510579596b3803f4
-
SSDEEP
768:ds+Vmz0XyboxDHdYGCyvMEcqXrgT8Rv7EolgG18HBTPOlRwoCK/1DLBNOoFYYauT:6+kICwDyGjrgclPYBjOlRrzFyM
Behavioral task
behavioral1
Sample
d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866.elf
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
193.84.71.119
89.190.156.145
Targets
-
-
Target
d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866.elf
-
Size
58KB
-
MD5
15002dd354fe9805a35c818e599cd195
-
SHA1
87ecc7e747938a21b6d97a8bbbe0929ae1fe1ebd
-
SHA256
d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866
-
SHA512
68dfc26bab44c722982c39db51604bda04972f64a3ebac4ed29ec4da20c9ad265c2e7c62d26dd64cc67b115f4b9bc9d9cdf0743d36e74294510579596b3803f4
-
SSDEEP
768:ds+Vmz0XyboxDHdYGCyvMEcqXrgT8Rv7EolgG18HBTPOlRwoCK/1DLBNOoFYYauT:6+kICwDyGjrgclPYBjOlRrzFyM
Score7/10-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads process memory
Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-