General
-
Target
84a88b40d9e2fe36e6a73b93898dddc2.bin
-
Size
30KB
-
Sample
230515-bxsktaec63
-
MD5
e2323b513a5c400278b8fc024a1b6a43
-
SHA1
9325b007c255dd9dbb8929655190145e7ccfd5a5
-
SHA256
25cf0343387ebf44fcde6cbe9c47bd699b52fab13e6f963c9caba8c2f8b57388
-
SHA512
bb3aaf7a80333a58331d3d21e172eb746593ebbb5bcdfedef7708fb3a73be5ca3d4ac0f36f3b6060010a8dd2af36b9e65619104469565a75ccd4aa0dc18a84d8
-
SSDEEP
768:tEi4QP1hT8BSUMmagMKVImNWI/AXrrsEtKX3JES7sWt20z/:GjATTUSUMm1VYIGrpKX3Tz/
Malware Config
Targets
-
-
Target
9ee35bb8aa6a7e7178ea47530bcb11f77669111b77953b96881e10c94a8b9ee9.elf
-
Size
30KB
-
MD5
84a88b40d9e2fe36e6a73b93898dddc2
-
SHA1
3236d5a9361d89f1355259ccb27a5c575aff7492
-
SHA256
9ee35bb8aa6a7e7178ea47530bcb11f77669111b77953b96881e10c94a8b9ee9
-
SHA512
aa77ee885c4063e734e79538d74b03fb1e78d3cc8b4c6d52da12c77ec78f8e7c97e431d5701880e8ce0a33e99a5c719e11d4af811e1ec7840c9cec71e992661b
-
SSDEEP
384:M7j+HABXrVZpAqNCADhauGewNXmQ55BryYxN4TkTJBkeksweuotb+ZHpZwDnHqmk:hHKXrVZpAqXzGe4H5eCueFOZJZIHqmQT
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Contacts a large (73551) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-