General
Target: arm7.elf
Size: 161KB
Sample: 241219-tagh5svpfm
MD5: 9d77a063fd8d96acdde0a77ab20e54ca
SHA1: 5f8f753b69caed69505249eadaf5696d0d13791c
SHA256: 217f6bf3334bc8e6e5b3ecd877a32e1502b7fb1a38ce9508ab3406eba3d41fa8
SHA512: b0d036b651173beac59cb41e8cd2f3ab89c33be4c8cbc26e8964d93525c838ba9bcecfec4c94a9e5e7f6bc8e15dafb0803681bec227fe66a0df9a89864dcbcb9
SSDEEP: 3072:TO70zMrZqihLA2IlfdagQJKB/48crKovKF8AHtvtM/9VFVpuA:TO70ArZzAvdagQJKBg80C2AHt1M/9lpV
Behavioral task: behavioral1
Sample: arm7.elf
Resource: debian12-armhf-20240221-en
Malware Config
Extracted
mirai
OWARI
Targets
Target: arm7.elf
Score: 9/10
-
Contacts a large (49071) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-