General
-
Target
da1dd85a4c0caad250e12ceb09a7ebec.elf
-
Size
52KB
-
Sample
230504-krldzsbb46
-
MD5
da1dd85a4c0caad250e12ceb09a7ebec
-
SHA1
a42dd1975668a14540656802322b0b84a631865d
-
SHA256
7f295bcbb274edcdf9b6f927ca1bdb48ae7052d72d14563794c13073a811bfad
-
SHA512
3a354871f4e5cf83add2ba83357b7132afa8fa4e3e5ed0520acde1434a6547c3e512b4097f929a5b82812c36ff592eaa0970930450e99b64f6bf0b6e03220bab
-
SSDEEP
768:fPyuZr6HxkmEt3VY92uqUZlKOzzOTMoUH27J+nus9q3UELVVhRLRP5/JqpecU:Jq43VTU6OGg6+nu1LVVhRNRgpecU
Malware Config
Extracted
mirai
LZRD
Targets
-
Contacts a large (19085) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-