Sample details: 4f207c3ee3831e04ce9694a1c8cd808e --

Hashes
MD5: 4f207c3ee3831e04ce9694a1c8cd808e
SHA1: 62ede369b105427f1f6937bea6722e9240116e22
SHA256: 0d10de22eab391e08fd04048f06959fe94bb2931f167f86c1099ec9402df6923
SSDEEP: 768:NLo8id7YrB38x8WXYQACGjeauzW39lND9Y5V0BstrzriJXSgDNNTyQ4RPLYE:NL3idUrKx8WIQACbzWxq5VZt3riJNDNd
Details
File Type: ELF
Yara Hits
YRP/contentis_base64 | YRP/domain | FlorianRoth/Mirai_Botnet_Malware |
Strings
		/lib/ld-uClibc.so.0
memcpy
libc.so.0
connect
sigemptyset
memmove
getpid
readlink
malloc
recvfrom
socket
select
readdir
sigaddset
accept
calloc
inet_addr
setsockopt
signal
unlink
sendto
realloc
listen
__uClibc_main
memset
getppid
opendir
getsockopt
__errno_location
__data_start
setsid
closedir
sigprocmask
getsockname
__exidx_start
__exidx_end
_edata
__bss_start
__bss_start__
__bss_end__
__end__
POST /cdn-cgi/
 HTTP/1.1
User-Agent: 
Host: 
Cookie: 
/proc/net/tcp
/dev/watchdog
/dev/misc/watchdog
abcdefghijklmnopqrstuvw012345678
MLNKLG
WROKPCK
NMCFGP
WROKPCK
NKQVGLKLE
uEzAs"
FGNGVGF
CLKOG"
QVCVWQ"
pgrmpv
jvvrdnmmf"
nmnlmevdm"
XMNNCPF"
egvnmacnkr"
QJGNN"
GLC@NG"
Q[QVGO"
@WQ[@MZ
okpck"
CRRNGV
DMWLF"
LAMPPGAV"
@WQ[@MZ
@WQ[@MZ
vqMWPAG
gLEKLG
sWGP["
PGQMNT
LCOGQGPTGP
aMLLGAVKML
CNKTG"
cAAGRV
CRRNKACVKML
ZJVON	ZON
CRRNKACVKML
cAAGRV
nCLEWCEG
aMLVGLV
CRRNKACVKML
WPNGLAMFGF"
QGVaMMIKG
PGDPGQJ
NMACVKML
AMMIKG
AMLVGLV
NGLEVJ
VPCLQDGP
GLAMFKLE
AJWLIGF"
AMLLGAVKML
QGPTGP
FMQCPPGQV"
QGPTGP
ANMWFDNCPG
LEKLZ"
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
oCAKLVMQJ
cRRNGuG@iKV
tGPQKML
qCDCPK
.shstrtab
.interp
.dynsym
.dynstr
.rel.plt
.rodata
.init_array
.fini_array
.dynamic
.ARM.attributes