General
-
Target
a51984808c733ab96f33c55556c6d58ff7673484ee0397d0e12991d3193bc250.elf
-
Size
60KB
-
Sample
241114-ddmxbstdrj
-
MD5
f7b11e054547f677dca9fa8913f955bc
-
SHA1
52933ef132e1f2f0b0bfce5b4cd95e4ea4530d76
-
SHA256
a51984808c733ab96f33c55556c6d58ff7673484ee0397d0e12991d3193bc250
-
SHA512
a1d10215c8f552622fa0a082b7278e953b7796d72eef16d41e6613f26c105c1a6931f4abcc0954a5129c0506bb32f090c3d7592e831f7e179dd70e22d1c4eff6
-
SSDEEP
768:SVti3685jhEYETNSWkmB9KYdJ0OuwYfPMx/18HDT3Y1joor6dH4WBNOBFY3T60PW:Ytm1RERtVJ0dzMhYD7Y1j/vFmI
Behavioral task
behavioral1
Sample
a51984808c733ab96f33c55556c6d58ff7673484ee0397d0e12991d3193bc250.elf
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
193.84.71.119
89.190.156.145
Targets
-
-
Target
a51984808c733ab96f33c55556c6d58ff7673484ee0397d0e12991d3193bc250.elf
-
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads process memory
Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-