General

  • Target

    c5a3d982523c2933f0f1defa83e740f334d51c45031a21d168d11de96da4556e.elf

  • Size

    72KB

  • Sample

    250202-fljwrawqex

  • MD5

    9297b87c34edf9af6d0bd30259d86347

  • SHA1

    c230bca8b7b52b618fb702dbd981de9a8ecbccc5

  • SHA256

    c5a3d982523c2933f0f1defa83e740f334d51c45031a21d168d11de96da4556e

  • SHA512

    d008f6fd71c8b3e142a51db429b4e84a3e91d90ee6e9d72f2a0b62eed1569f7841366522c45f27b51fde4584ede856aeddfcedeccf04cfd82d32631b0762ec42

  • SSDEEP

    1536:JBnSqeBG3AXdo//H7vJZ4oOhUX4yautS6yPimg9E9ljaiHHw6LR5:peA3z/fAoO6oyautS6yPimX7w6t

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      c5a3d982523c2933f0f1defa83e740f334d51c45031a21d168d11de96da4556e.elf

    • Size

      72KB

    • MD5

      9297b87c34edf9af6d0bd30259d86347

    • SHA1

      c230bca8b7b52b618fb702dbd981de9a8ecbccc5

    • SHA256

      c5a3d982523c2933f0f1defa83e740f334d51c45031a21d168d11de96da4556e

    • SHA512

      d008f6fd71c8b3e142a51db429b4e84a3e91d90ee6e9d72f2a0b62eed1569f7841366522c45f27b51fde4584ede856aeddfcedeccf04cfd82d32631b0762ec42

    • SSDEEP

      1536:JBnSqeBG3AXdo//H7vJZ4oOhUX4yautS6yPimg9E9ljaiHHw6LR5:peA3z/fAoO6oyautS6yPimX7w6t

    • Contacts a large number (110200) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

MITRE ATT&CK Enterprise v15