General
-
Target
jew.mpsl.elf
-
Size
118KB
-
Sample
241212-q8n44ayjdj
-
MD5
e9315eed08df8e616e90b23489b11425
-
SHA1
840242925b001dcdba7548e920b18ab74d5b25a1
-
SHA256
c4f1c962ab04c95bc82fbf2b3c7d3b78a902f42fb8e3c23a88559d1522cb35f6
-
SHA512
f33fdb2f8db606d50deb2b7ce64f75f6e80b29579078d7cd54db62b277a5abb06f193a8eda98e1d8ed570871be8d55279087ec3571a5ce7e14b93f4efe0dda85
-
SSDEEP
1536:3bKhLmtwdR2B3aUerZxUKvuNxmVHg1X187ji0z4LoomBeRzsmgexbDrIA/8ElJdw:qZxUcuNxmVHyFkjbz4gWBZ
Behavioral task
behavioral1
Sample
jew.mpsl.elf
Resource
debian12-mipsel-20240221-en
Malware Config
Extracted
mirai
KURC
Targets
-
-
Target
jew.mpsl.elf
-
Size
118KB
-
MD5
e9315eed08df8e616e90b23489b11425
-
SHA1
840242925b001dcdba7548e920b18ab74d5b25a1
-
SHA256
c4f1c962ab04c95bc82fbf2b3c7d3b78a902f42fb8e3c23a88559d1522cb35f6
-
SHA512
f33fdb2f8db606d50deb2b7ce64f75f6e80b29579078d7cd54db62b277a5abb06f193a8eda98e1d8ed570871be8d55279087ec3571a5ce7e14b93f4efe0dda85
-
SSDEEP
1536:3bKhLmtwdR2B3aUerZxUKvuNxmVHg1X187ji0z4LoomBeRzsmgexbDrIA/8ElJdw:qZxUcuNxmVHyFkjbz4gWBZ
Score9/10-
Contacts a large (96625) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-