General
-
Target
326-1-0x00400000-0x0045ff68-memory.dmp
-
Size
126KB
-
Sample
230630-k82sashf6w
-
MD5
4a7173171698929c7aeaa24198485a6f
-
SHA1
6f2891f70b6eb1846a0f7cf686d91ec02fc90f58
-
SHA256
688cad8e739ae773b3760957044fd58756046ebdcb02f9306e6ac43c249408ab
-
SHA512
16ef94aa134649b7fed675bde46509b1c97089985d586b7aaecbb6948592e25d632d48b67469cf9ee67a861f470e3a88118309fcc11463978d4657a0bbbe5214
-
SSDEEP
1536:8NtDHg9Z24hiMKS3o39gFWziwRywfESUP8ux4AC+f8BL0ZYIe1Fk7Lj:Ytjg9Z24Ve9WwRl3L0YkXj
Behavioral task
behavioral1
Sample
326-1-0x00400000-0x0045ff68-memory.dmp
Resource
debian9-mipsel-20221125-en
Malware Config
Extracted
mirai
UNST
Targets
-
-
Target
326-1-0x00400000-0x0045ff68-memory.dmp
Score
9/10
-
Contacts a large (18186) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-