General
-
Target
2bad8f8537af64c19b6f4314c354edc0.elf
-
Size
26KB
-
Sample
230508-vqtzvabg72
-
MD5
2bad8f8537af64c19b6f4314c354edc0
-
SHA1
7e49fd3174326b51fa988911dfc517c419710438
-
SHA256
75a88da8eb68a86955194ffd839ace87201ebad837cf6d9dfddbb2f6a1ef08aa
-
SHA512
d63d494730e61965d1bdc9ac36eca64cee00bde9ed07eb7a3c272fc4775cd57d107f21c473a0d23c1cd1551f6e3b5c729e37b44f0c618675013a8fef3b18ff33
-
SSDEEP
384:MUv66YgiokzDM366q1tl81r31ueV9suqK0eaNpVIEWW+ZaWz4lq3+v1RK:x66Y4hy8qi9sK0PINW9WzU9K
Malware Config
Extracted
mirai
BOTNET
pachoisgay.3utilities.com
Targets
-
-
Target
2bad8f8537af64c19b6f4314c354edc0.elf
-
Size
26KB
-
MD5
2bad8f8537af64c19b6f4314c354edc0
-
SHA1
7e49fd3174326b51fa988911dfc517c419710438
-
SHA256
75a88da8eb68a86955194ffd839ace87201ebad837cf6d9dfddbb2f6a1ef08aa
-
SHA512
d63d494730e61965d1bdc9ac36eca64cee00bde9ed07eb7a3c272fc4775cd57d107f21c473a0d23c1cd1551f6e3b5c729e37b44f0c618675013a8fef3b18ff33
-
SSDEEP
384:MUv66YgiokzDM366q1tl81r31ueV9suqK0eaNpVIEWW+ZaWz4lq3+v1RK:x66Y4hy8qi9sK0PINW9WzU9K
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Contacts a large (114867) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Changes its process name
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-