General
-
Target
d5720adb573aa6b64c356951b03299125bad03d91e2100b5f51f365ff6f94ac8
-
Size
49KB
-
Sample
220521-xrsvaacdh2
-
MD5
6af332172c0e2a61f8aa149d0ccb1b90
-
SHA1
7d7c2c5b0758859ca3a4f8ac34d904c895f4de0f
-
SHA256
d5720adb573aa6b64c356951b03299125bad03d91e2100b5f51f365ff6f94ac8
-
SHA512
edb566d50676bdc660de03b15d5a7abdd280c35d1f2957c32521f8b664df9403484660c6094670ab5f111be78102c50094d3a67c3c3e0d9b83e529c417264c42
Malware Config
Targets
-
-
Target
d5720adb573aa6b64c356951b03299125bad03d91e2100b5f51f365ff6f94ac8
-
Size
49KB
-
MD5
6af332172c0e2a61f8aa149d0ccb1b90
-
SHA1
7d7c2c5b0758859ca3a4f8ac34d904c895f4de0f
-
SHA256
d5720adb573aa6b64c356951b03299125bad03d91e2100b5f51f365ff6f94ac8
-
SHA512
edb566d50676bdc660de03b15d5a7abdd280c35d1f2957c32521f8b664df9403484660c6094670ab5f111be78102c50094d3a67c3c3e0d9b83e529c417264c42
Score10/10-
suricata: ET MALWARE ELF/Mirai Variant User-Agent (Outbound)
suricata: ET MALWARE ELF/Mirai Variant User-Agent (Outbound)
-
suricata: ET MALWARE JAWS Webserver Unauthenticated Shell Command Execution
suricata: ET MALWARE JAWS Webserver Unauthenticated Shell Command Execution
-
suricata: ET MALWARE Mirai Variant User-Agent (Outbound)
suricata: ET MALWARE Mirai Variant User-Agent (Outbound)
-
Contacts a large (881436) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-