General
-
Target
loligang.mpsl.elf
-
Size
103KB
-
Sample
241218-t4tesswmdp
-
MD5
1633776dee8ef5eb8c80e95364ee26e3
-
SHA1
f205e6078e98a9233f90bb8a0bd2b4c79a23a413
-
SHA256
33dc056b0f01ec8c878617d649800c32d387ef0e73ace537894a86c42cb7ee6d
-
SHA512
35e944be00e6980c215b682aa2b1a9f670d3cacbc5b7ff8e952213c24ad45fa562f8b94723272bb615140d2de53a65346cd4486d04e17a92fcc7d510ce94ff12
-
SSDEEP
1536:d7fjpr4NEQu3p0ZwIGH5PbpTBRRtBeiZebzELYtiYp:d7fjpr53pndeis9Q2
Behavioral task
behavioral1
Sample
loligang.mpsl.elf
Resource
debian9-mipsel-20240729-en
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
loligang.mpsl.elf
-
Size
103KB
-
MD5
1633776dee8ef5eb8c80e95364ee26e3
-
SHA1
f205e6078e98a9233f90bb8a0bd2b4c79a23a413
-
SHA256
33dc056b0f01ec8c878617d649800c32d387ef0e73ace537894a86c42cb7ee6d
-
SHA512
35e944be00e6980c215b682aa2b1a9f670d3cacbc5b7ff8e952213c24ad45fa562f8b94723272bb615140d2de53a65346cd4486d04e17a92fcc7d510ce94ff12
-
SSDEEP
1536:d7fjpr4NEQu3p0ZwIGH5PbpTBRRtBeiZebzELYtiYp:d7fjpr53pndeis9Q2
Score9/10-
Contacts a large (20316) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-