General
Target: 2bad8f8537af64c19b6f4314c354edc0.bin
Size: 26KB
Sample: 230510-bn8knsfe8t
MD5: 9578e774de1af8415e412eafdd2a5def
SHA1: 5d33e677022e5df9aa714559efd9d1693e8a68b1
SHA256: 94c49e730a88a2c854e60f27d06f3a33af4e2e1ac32c41bdbfe7c22c375e4963
SHA512: b53e86fbd722beded29b1b72fb72c0ffabaee83ea2a585bd0050415bc207c6d7b0a1e98f4a12344adbd83edab9f9491f20620387c7f139093c6d9b6a2af52269
SSDEEP: 768:vROdvCA7tV1CZN1LnPXdTBZORvhLYXgqE:vRIH7tV1EN1LnVTBSZr
Malware Config
Extracted
mirai
BOTNET
pachoisgay.3utilities.com
Targets
Target: 75a88da8eb68a86955194ffd839ace87201ebad837cf6d9dfddbb2f6a1ef08aa.elf
Size: 26KB
MD5: 2bad8f8537af64c19b6f4314c354edc0
SHA1: 7e49fd3174326b51fa988911dfc517c419710438
SHA256: 75a88da8eb68a86955194ffd839ace87201ebad837cf6d9dfddbb2f6a1ef08aa
SHA512: d63d494730e61965d1bdc9ac36eca64cee00bde9ed07eb7a3c272fc4775cd57d107f21c473a0d23c1cd1551f6e3b5c729e37b44f0c618675013a8fef3b18ff33
SSDEEP: 384:MUv66YgiokzDM366q1tl81r31ueV9suqK0eaNpVIEWW+ZaWz4lq3+v1RK:x66Y4hy8qi9sK0PINW9WzU9K
-
Contacts a large number (108995) of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large number of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Changes its process name
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-