General
-
Target
d4ce6a8367d840118afdb064c639cc74.bin
-
Size
35KB
-
Sample
230506-d1q79sab3x
-
MD5
5163206e01ecaeecfc652315778747d4
-
SHA1
6c986d4a088feac05558d590803bc580a53cb6bf
-
SHA256
3953d20f417441a7a2a2616b9a3b4f2b40b29453baacab4d66d184d4f5409338
-
SHA512
043546b733834e6a1251ba57a83bf9abcd6868276e38e4fc5db999ec4cc404ae41698ec03191548fb19d374946774f73b935308b5405be1837b212e772a7030b
-
SSDEEP
768:O4oJDRD94XQpP8OpiUNTHFyhVDFvB14Li3MN+XP1pjY31m3bHERvk:ODhRPppp5NTlCVDF5CuW+XdGML28
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
-
Target
89ded71040f0f0b728b5ce4d9c0affd87bae2e227068b515fc8099f6ea310ffc.elf
-
Size
37KB
-
MD5
d4ce6a8367d840118afdb064c639cc74
-
SHA1
85cf4120be8faf5c3736a7045d4a5921fe5ab542
-
SHA256
89ded71040f0f0b728b5ce4d9c0affd87bae2e227068b515fc8099f6ea310ffc
-
SHA512
7279bb9dc79281d0283b24ee5ffccb32bd2959d400e959ab7f8d2fa7a20173e63b350d94daeb4e27224cf2c4545a6e7a928b7c9daffb7c403ab8c49665909d0d
-
SSDEEP
768:8cFiyluiEduvR0MrPNjIvSGb22VjGqxQLZUiBxTQFTT9nsd6WMI:vFdY4ynbV6BLh7QRT9nUx
-
Contacts a large (147442) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Changes its process name
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-