General
-
Target
jew.arm7
-
Size
133KB
-
Sample
241215-1aqv5syrfm
-
MD5
88443a15b4fa6ebd5609234f6f03e0d5
-
SHA1
3b40c8622a54885a49753f01ee2fc938402f5082
-
SHA256
695271e627cfcebad8ca32728fadc96af553af5d8b05e24dda0c0b56c310acfa
-
SHA512
d016b5e627ea5962f4a25e07bc12506bfc3d43da8361c6126603c2025851fe5decc2df8bdde3461eacd9c84e34ec33c3d3ce8acbff9a37a1e9cc13f7e150f1ce
-
SSDEEP
3072:5KacBqVuJVkW1cIOPZoxNOqMP0wctzHnDPF+84/M/92L18Yj:kacBQuJVkW1cIOaxNOqMPVovF+8MM/9S
Behavioral task
behavioral1
Sample
jew.arm7
Resource
debian12-armhf-20240221-en
Malware Config
Extracted
mirai
KURC
Targets
-
-
Target
jew.arm7
-
Size
133KB
-
MD5
88443a15b4fa6ebd5609234f6f03e0d5
-
SHA1
3b40c8622a54885a49753f01ee2fc938402f5082
-
SHA256
695271e627cfcebad8ca32728fadc96af553af5d8b05e24dda0c0b56c310acfa
-
SHA512
d016b5e627ea5962f4a25e07bc12506bfc3d43da8361c6126603c2025851fe5decc2df8bdde3461eacd9c84e34ec33c3d3ce8acbff9a37a1e9cc13f7e150f1ce
-
SSDEEP
3072:5KacBqVuJVkW1cIOPZoxNOqMP0wctzHnDPF+84/M/92L18Yj:kacBQuJVkW1cIOaxNOqMPVovF+8MM/9S
Score9/10-
Contacts a large (80404) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-