General
-
Target
0df3df74b1af3b9176aab1866845145b.bin
-
Size
32KB
-
Sample
230325-bc8fjaac63
-
MD5
3e131a63e333ec73c223140bdf63b9bc
-
SHA1
bf623eec7f15267864c40f7dd1a80dbac4283a3b
-
SHA256
1f1ff743d7ce2adeb06cdaef1269d6733c26619ada5cb66d67574f8df9daec29
-
SHA512
a79305607b8f69fb7eb65284f385847f65e37502f8362294c7704c4b18285516ef00b5fdb9987f0aa39184d211e49fdca58c216f1bdd46762d57a423a9e9a60d
-
SSDEEP
768:tiA4lr7qqXsrOJ1V3zRnvrIazmUPlFntZTHQtJUPkFWSY:0lCqXh1V3mUPlF7TwtJUswF
Malware Config
Extracted
mirai
admin.duc3k.com
Targets
-
-
Target
84241a72c6c137e15034a78b5a0ae7de9e982f1cf63d347d47f260e99a5918cf.elf
-
Size
61KB
-
MD5
0df3df74b1af3b9176aab1866845145b
-
SHA1
1d2f60f9300b23cbc060689d8be52b357ca8fe29
-
SHA256
84241a72c6c137e15034a78b5a0ae7de9e982f1cf63d347d47f260e99a5918cf
-
SHA512
c761a28f40b26a172258ec338ac265991fd4926e341c73397483d581def160066e254e77ba6d9a6d45ce55d031b35a6288f1988041435960eb027ae72aba4fa2
-
SSDEEP
1536:zCsMRwSSVh9i2EzxU3J1yXkuUV/B7oaAEibu3b:VMXs+ZcJ1ZuUV/BUREibOb
Score9/10-
Contacts a large (37371) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-