Extracted

• • Target

    morte.arm.elf

  • Size

    46KB

  • MD5

    40ff50adb87633663f31ee41209ef93f

  • SHA1

    84dd6affe4c4ba1f104e05edc722efef1d97f42b

  • SHA256

    abd500b9bf0846da97408d1e38e864363f217e52b2926e637159f445b76a4e80

  • SHA512

    da106b7642110050b0e9125f5cb35ba9e16b27e100472468a213192870a105fad5b616e09d9bcae852bccf3b0c5b00d6eae9131e94e7ba7ad38e54fc360a6dbb

  • SSDEEP

    768:doeOkqBfuEN/pKD14OvVvmIynRGmO0dU8bQn3LkpJglHA6woUS+Qls04VICqCHE7:dOdwUxqVuVcydU8q3LEglbwohUpHSlr9

  Score

  10^/10

  mirailzrdbotnetdefense_evasiondiscovery

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai

  • Mirai family

    mirai

  • Contacts a large (24075) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  behavioral1