General
-
Target
loligang.arm7.elf
-
Size
152KB
-
Sample
241218-t4tessvndv
-
MD5
9cd4922472ca9d4c51932f13166e335e
-
SHA1
c582c682f2f6f70e0101bfe6e2287d42a0599082
-
SHA256
fea0959d65ea7100e7ce7b536138fa11bb44754b167a4377a2b117da70e422b1
-
SHA512
73ce8947b7a777d1b1f10d47b7575d4890d7ddfbd259cdf3fd785d778cdfe2e1d89c284742cbd1acd499a982f9ef1d5e9588e99cd8be42f495a2a517d4550072
-
SSDEEP
3072:ye9bqia5r9J5o9yhpZPH+9mrsplDKZU2QBKXAVanxX+F8JyvIT+hLBA4emlEBDzc:ye9bqia5r97o9yhpZv+9mrsplDKZU2QB
Behavioral task
behavioral1
Sample
loligang.arm7.elf
Resource
debian12-armhf-20240729-en
Malware Config
Extracted
mirai
LZRD
Targets
Target
loligang.arm7.elf
Score
9/10
-
Contacts a large (20459) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-