General
-
Target
jew.arm7.elf
-
Size
137KB
-
Sample
240701-z3wrestfnl
-
MD5
9c111291ffe3399fe4d628e77413174c
-
SHA1
04e95298482cf7da4a21a0f92805eabffad7e9a2
-
SHA256
5f740c98c37ca5411b1e375a564fd5ddc457cb869a3d60feb34d3a27fbc039bf
-
SHA512
53e0bfc4e7194f888cd22305ac47e746ae9ea3858ac4275b6c81512c2ec528e851665182c49576e49f7333c586bc40259cbfe86900791abe518dee8677f571cf
-
SSDEEP
3072:TjTXyWR5qNTBWM4H0weKsptyaEHSrkBziEdn+r9pM/9PUB3LYC:nTXyUq9BWM4HpextyaEH8sr+r/M/9WYC
Behavioral task
behavioral1
Sample
jew.arm7.elf
Resource
debian12-armhf-20240418-en
Malware Config
Extracted
mirai
KURC
Targets
-
Target
jew.arm7.elf
-
Score
9/10
-
Contacts a large (45680) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-