General
-
Target
991eb0bf723fb0bb950547e2ba9478b05b5542a161296e259caa0c9b76c43ebc.elf
-
Size
131KB
-
Sample
241114-dbkdestdmb
-
MD5
a540f6155293872e718c739ab62c986d
-
SHA1
ee57f1547c5bad3168ff42d2253a4437c40fcc7d
-
SHA256
991eb0bf723fb0bb950547e2ba9478b05b5542a161296e259caa0c9b76c43ebc
-
SHA512
f8938ee84ca093c21c84b4479771779ce0294842f93b052d0e0c8eb4b9b37058dd6f0ba300945fade5b8f3665bd0088bc015598349bf50cb496b68eb675f02b0
-
SSDEEP
3072:cn8IgyDx2d5ktT8w1+eRY3JhIdlkfrTCM/9o1S:48Ax2Tkh8w1+eK5hJfreM/9o1S
Behavioral task
behavioral1
Sample
991eb0bf723fb0bb950547e2ba9478b05b5542a161296e259caa0c9b76c43ebc.elf
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
193.84.71.119
Targets
Target
991eb0bf723fb0bb950547e2ba9478b05b5542a161296e259caa0c9b76c43ebc.elf
-
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-