General
-
Target
loligang.arm7.elf
-
Size
141KB
-
Sample
241222-xlltsawnbp
-
MD5
abde533a1866fb17c76ff1edcf5facd1
-
SHA1
21bd062bb8d518f384ed18ca0f2cef91cffbb5f8
-
SHA256
ce83c30530762a5dc8832ea605a05d7c411c33d63465ce96cc37b7ef02d4223b
-
SHA512
d55f6adfa3dd8b543ed972d6562c8f20cbcb0772f3b7dbc125f2dab9183c92f00feee991f75d85d33add31429f077c64e0d87bda4ab4ef18f159e7e6b116dfec
-
SSDEEP
3072:walgM69pe0QmlTvIUdt9mrsplDKZUQQBKXAVanXX+F8JyvSPhLZ85iBMR6yoC1Qo:walgM69pe0QmlTvI8t9mrsplDKZUQQBt
Behavioral task
behavioral1
Sample
loligang.arm7.elf
Resource
debian12-armhf-20240418-en
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
loligang.arm7.elf
-
Size
141KB
-
MD5
abde533a1866fb17c76ff1edcf5facd1
-
SHA1
21bd062bb8d518f384ed18ca0f2cef91cffbb5f8
-
SHA256
ce83c30530762a5dc8832ea605a05d7c411c33d63465ce96cc37b7ef02d4223b
-
SHA512
d55f6adfa3dd8b543ed972d6562c8f20cbcb0772f3b7dbc125f2dab9183c92f00feee991f75d85d33add31429f077c64e0d87bda4ab4ef18f159e7e6b116dfec
-
SSDEEP
3072:walgM69pe0QmlTvIUdt9mrsplDKZUQQBKXAVanXX+F8JyvSPhLZ85iBMR6yoC1Qo:walgM69pe0QmlTvI8t9mrsplDKZUQQBt
Score9/10-
Contacts a large (20107) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-