General
-
Target
ef69d9937376e699bd7ed3128c23dde6.bin
-
Size
59KB
-
Sample
240701-emnewsygjl
-
MD5
72586cc70e23113f06ecf5f508d46dde
-
SHA1
d617e884c5ba4a7d402e0258cd3e2bd1289c08e5
-
SHA256
0c42998e071d3af0174b5f4417001dc25850dbe3b8186a77e71df212d9a3d1df
-
SHA512
39f5ccab14ddf1fdce3e188bd674354a711505e4f4facdf5861159d066951f098fa3023a5564c2da175b7712388a099353ccf00489afc5a6275a0696998b2b69
-
SSDEEP
768:mjuLy8FX6ohwSilyQ8fUUXg9oY317bvQADwsqjFiU4qBfM4cxQMSCtnSAL3rq5PK:kiZ60U2f/vAxvQi6dB0jXTrsP/FpF4
Behavioral task
behavioral1
Sample
7fbc24fea9f2259997f051bfdd08ea74867d19c4fe2a112818624f1a31cf52c5.elf
Resource
debian9-armhf-20240611-en
Malware Config
Targets
-
Target
7fbc24fea9f2259997f051bfdd08ea74867d19c4fe2a112818624f1a31cf52c5.elf
-
Size
60KB
-
MD5
ef69d9937376e699bd7ed3128c23dde6
-
SHA1
c6ea02278ec93218059b779142b6a10677146291
-
SHA256
7fbc24fea9f2259997f051bfdd08ea74867d19c4fe2a112818624f1a31cf52c5
-
SHA512
99e661f25b9a8126a5cedb7a7d9daf2ca6b4c28fc40c995fe9fb48a42287ccaed852147081e38c7df661cd80a0337eb013dda1a3aa7c8c0848a9256868f5cb4c
-
SSDEEP
1536:khiZIXLIAaYnY1bSfgUySGOwpPPPrRCyHaktq:iiZIXLIAa2YT5nr96ktq
-
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Writes file to system bin folder
-