General
-
Target
X86_64
-
Size
79KB
-
Sample
210927-xmgw8ahgf6
-
MD5
28007c7ac1c6c2880279aeaab2c25f17
-
SHA1
ac64ad6324ac4ccf079dfd4c8255d1cbf3175306
-
SHA256
5fa70a36cc2ac68dfe216e4007848b7e90722a82acc7ca1778780b7393b3f735
-
SHA512
d8b63bd73cd59f852723fdf58ea661a56bb1924746b8c4b0a9ca609cc02a532d51b3d51ccbcc798b6f734365377bbef1cf5bd706f7359f560386855ed14f7547
Static task
static1
Behavioral task
behavioral1
Sample
X86_64
Resource
ubuntu-amd64
Behavioral task
behavioral2
Sample
X86_64
Resource
debian9-mipsel
Behavioral task
behavioral3
Sample
X86_64
Resource
debian9-mipsbe
Malware Config
Targets
-
-
Target
X86_64
-
Size
79KB
-
MD5
28007c7ac1c6c2880279aeaab2c25f17
-
SHA1
ac64ad6324ac4ccf079dfd4c8255d1cbf3175306
-
SHA256
5fa70a36cc2ac68dfe216e4007848b7e90722a82acc7ca1778780b7393b3f735
-
SHA512
d8b63bd73cd59f852723fdf58ea661a56bb1924746b8c4b0a9ca609cc02a532d51b3d51ccbcc798b6f734365377bbef1cf5bd706f7359f560386855ed14f7547
Score9/10-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-