General
-
Target
d594110268d10e2132dc62aebeb30da7.elf
-
Size
28KB
-
Sample
230519-yjnq2afg84
-
MD5
d594110268d10e2132dc62aebeb30da7
-
SHA1
005ae99ab6fea731acdcc3da700b966a435db2f8
-
SHA256
445839aefa1051bea0ea450970e1764a80315c5e9be01875d9629e70dc7e841d
-
SHA512
93978b3c87bf21ef0cd54172c4cf4cc0b94848f4bf9277d4e6ca63528937d6fba17ff79e02089ba01932d6c4435704480b63e493f2fc47d691aa0138959c2780
-
SSDEEP
768:zy5RtZxop0GqSeXU9TBSfgz7yjY8zsgNcWL:u7ZxoCGHu+BSoKjZT5
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
d594110268d10e2132dc62aebeb30da7.elf
-
Size
28KB
-
MD5
d594110268d10e2132dc62aebeb30da7
-
SHA1
005ae99ab6fea731acdcc3da700b966a435db2f8
-
SHA256
445839aefa1051bea0ea450970e1764a80315c5e9be01875d9629e70dc7e841d
-
SHA512
93978b3c87bf21ef0cd54172c4cf4cc0b94848f4bf9277d4e6ca63528937d6fba17ff79e02089ba01932d6c4435704480b63e493f2fc47d691aa0138959c2780
-
SSDEEP
768:zy5RtZxop0GqSeXU9TBSfgz7yjY8zsgNcWL:u7ZxoCGHu+BSoKjZT5
-
Contacts a large (20481) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-