General
-
Target
7a9087623c239af857f69cf79fe8b3a7.bin
-
Size
34KB
-
Sample
230602-cdys6ahg6x
-
MD5
9f88bc570dcece140e93080d405f19a6
-
SHA1
eefd8400c645f6e823408db9927463b5fb356b14
-
SHA256
33b29d6f086de198232ab22182f39592c96b53f741b1694d7dbd3cb4952a3a69
-
SHA512
d3899a303dbfebe65bbe8289222baacd576d9b6f53ed2de1bf25f0a771d805667f164870a1412646e56ddc3bea45dca46e0588004f32960465f134c0fa457a83
-
SSDEEP
768:QX6rqGWahlwXvIVuury9EwU5809ZET4JacHf/9wcOHFsCV:QKK8UkFeOVO4JDHn95O3
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
-
Target
a84de46a574ff256be2b974a1243536c34d183198973a89ae9faa6a7fb0de768.elf
-
Size
35KB
-
MD5
7a9087623c239af857f69cf79fe8b3a7
-
SHA1
72a74212fb7697bf350ee8923a7dfcab467e7dae
-
SHA256
a84de46a574ff256be2b974a1243536c34d183198973a89ae9faa6a7fb0de768
-
SHA512
ea564839fb452ddf0df9c0af31ac5c849252d5fabbc4389257ccfb59bd26b987df7a00e884e6a79ed5bc8085d1e880f430a7f3ca42996dfbc43fdd2e0950eb3c
-
SSDEEP
768:mE1T2TphOV0R3IE/XZ3nfjysjkry2/rjJ1xmXWMW:mMn097B3fF2TjJ1xm+
-
Contacts a large (196565) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-