General
-
Target
jew.arm.elf
-
Size
67KB
-
Sample
240701-z3wreszemf
-
MD5
0e84b6f0e27b20c554a5c095c6213452
-
SHA1
3dbc5c11531970b1d75462cf2013835af52ca5e6
-
SHA256
bdaec8cbc441271290382b3ade8e146e619bbf3dae1b8f1cd4c544b74bb66553
-
SHA512
2c22010460d49fd134b97e4f10a158860b7bb31d45ed81edc640fe62f805b45ba8affa95009f0c7e1c03a9aac2d6108addf9ebd7b217294a00429ba0b9f7ad69
-
SSDEEP
1536:B/vIw/HGSF9c9nWh89DWbYJNkbK2sKx0lG9WcqEjcJK37d42+:B/Zu5xCsKGG9bqxJIZ
Behavioral task
behavioral1
Sample
jew.arm.elf
Resource
debian9-armhf-20240418-en
Malware Config
Extracted
mirai
KURC
Targets
-
Target
jew.arm.elf
-
Score
9/10
-
Contacts a large (118134) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-