General

  • Target

    loligang.mips.elf

  • Size

    87KB

  • Sample

    241128-h651tsznaw

  • MD5

    0f00e4d3e1e1e457bfe99e04f8f05651

  • SHA1

    24f8c12891209b89c80aae030f748f1e254f1a9e

  • SHA256

    1d73e256875598f9cdcef1d65f17070d321f04b85cb84edc3554f25c932d47e9

  • SHA512

    4a3a4b9e93d95c1bb05349ba6ce2efa1a10b7786b1019b84fb7a6232a49a7af01e3416f70d8b6c626adc1591ffff4482e4f0eedfc287c7db2c0ca2e546335689

  • SSDEEP

    1536:1YRdsnDd6C6gb/ZVyDYjMbwqZ9f0vfwW9ufY1C+KBtyRirfXDOiO03J:CHsnD8/gb/zyDv9f0HD9FC+KBtyR6/Dh

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Contacts a large number (20542) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
