General
-
Target
teste.arm
-
Size
150KB
-
Sample
241203-zbqfbsspgx
-
MD5
dc69acabdee7d74b1b3d04a14ace1770
-
SHA1
25a48bbb1582d46300b168830e60327d74266ca7
-
SHA256
cc6d518efad6da404b1ee66d42f4b8734095832ce4cade2c3f410dd51fcc26ef
-
SHA512
6deb6dd560ac3275c997a2b84a0f46d809ca14e62dff16e1f62dc117b811fd4abf32a6c9497e2505d0069929a7f613f286292df29e724a1a0a738d3c86fcadcb
-
SSDEEP
3072:S4ckCtTQc2mNCGOLBFb4UJvVSHpbck03Pdty:S4c3thxCGyzb4U+HRX03Pdo
Behavioral task
behavioral1
Sample
teste.arm
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
-
Target
teste.arm
-
Size
150KB
-
MD5
dc69acabdee7d74b1b3d04a14ace1770
-
SHA1
25a48bbb1582d46300b168830e60327d74266ca7
-
SHA256
cc6d518efad6da404b1ee66d42f4b8734095832ce4cade2c3f410dd51fcc26ef
-
SHA512
6deb6dd560ac3275c997a2b84a0f46d809ca14e62dff16e1f62dc117b811fd4abf32a6c9497e2505d0069929a7f613f286292df29e724a1a0a738d3c86fcadcb
-
SSDEEP
3072:S4ckCtTQc2mNCGOLBFb4UJvVSHpbck03Pdty:S4c3thxCGyzb4U+HRX03Pdo
Score9/10-
Contacts a large (11770) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-