Extracted

• • Target

    24be3b0c01c3d1227102e39811330184169556bbeb910e4fe75b3180731d50c1.elf

  • Size

    77KB

  • MD5

    2a0946a77d359c822142647a4d524dec

  • SHA1

    332faf26e9d8d30bf10e8d733cb73aa8fdc4377c

  • SHA256

    24be3b0c01c3d1227102e39811330184169556bbeb910e4fe75b3180731d50c1

  • SHA512

    a37c230ff485e6cd7d4f814091c5070835a69ded91fd34d9bf3d22f37ede29e2de95080caa742ba961e25d737d91f74cb8079cb49fb51d7ad26767014931e29d

  • SSDEEP

    1536:zwSvpGztmW1ga/BmP5Q99ss6VPaNY3Sdep5eryJeZWAO32xRM:zwwpX3SEer2whOGx+

  Score

  9^/10

  defense_evasiondiscovery

  • Contacts a large (19625) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

    discovery

  • Enumerates running processes

    Discovers information about currently running processes on the system

  behavioral1