General
Target: a7ef95bdc1e6eaf5870613eb4cc1e808.elf
Size: 117KB
Sample: 220920-m2tt8agdfj
MD5: a7ef95bdc1e6eaf5870613eb4cc1e808
SHA1: d8d20144ac206b47ca645d5f097c69ffeae4cc38
SHA256: 27442d4436f926ed4239062693a82c497446afde831df9a4d06015dca337ead4
SHA512: c03439b77df5568cff7958877fc71f103e733ab374ff19a06af1f43e527c3048a673690e30b527c07b2c3a04e1104fc0be8a446eea837b10727fda0b8b31f559
SSDEEP: 3072:2UPFmCh+wBmmYfsOungrUItyNuiuDfl0iozNRFb1lRWP:2UPFmCh+wBm5sOungrU20lFb1lRWP
Behavioral task: behavioral1
Sample: a7ef95bdc1e6eaf5870613eb4cc1e808.elf
Resource: debian9-mipsbe-en-20211208
Malware Config
Extracted
mirai
BOTNET
cnc.notabotnet.lol
Targets
Score: 9/10

Contacts a large (242280) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

Writes file to system bin folder

Reads runtime system information
Reads data from /proc virtual filesystem.