General
-
Target
80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
-
Size
89KB
-
Sample
221130-xbdqesec85
-
MD5
55fb6c954759c5b1e7f6954dd7f3764a
-
SHA1
c26b89acef874d38036231316526a9857209dfea
-
SHA256
80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
-
SHA512
2462a0c3033fffc8ec0bde9e671e409b6277ec7e38a200561ec8379b8a3b198166b59bc2da232549f7dd0f73590d31a0c8bbd8706e8353bad54c042ca7aa7a98
-
SSDEEP
1536:4YRS2cWY6f6utWSVSDYFMMwqZ9adsR0vf7y9vnk5zlf/A4mqvrrb93K2M:1I2cWRyutWCSDU9aE0Hm9Azlf/A4mOrW
Behavioral task
behavioral1
Sample
80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
Resource
debian9-mipsbe-en-20211208
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
Score
9/10
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-