General
-
Target
aed49bccdeca28913942f2362217d11c.elf
-
Size
45KB
-
Sample
230603-z8fmdsaf3x
-
MD5
aed49bccdeca28913942f2362217d11c
-
SHA1
7b01805655ee5ec0379b2d3251b325675d72561d
-
SHA256
15749284972ee3fc0e8534905f666b27722020b49090ea08a04ea2eb46628ebb
-
SHA512
db86c7ace384d2f413e8d9e4ae28713e42d9e61de9430981926814a905dcdac0c3353bc41bc3f3d42dfb4b0e259f890902917c34963e4ad7bcbec178b38a6bd4
-
SSDEEP
768:JW2myW5zrY3m+KDOtELVpuyUEQNIM4ZktwkVlXFbkdzxll9q3UELMIk9r/e/lQMv:A7d5zrY3mVqtSEyUE0IM4Fk7Fbkdzv4x
Malware Config
Extracted
mirai
LZRD
Targets
-
Target
aed49bccdeca28913942f2362217d11c.elf
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Unexpected DNS network traffic destination
Network traffic on the DNS port to servers other than the configured DNS servers was detected.
-
Writes file to system bin folder
-