General
-
Target
32710x004000000x00461fd0m.dmp
-
Size
134KB
-
Sample
230709-xr79zafb54
-
MD5
ae34e315b05ddb0f6122bd86f65e545c
-
SHA1
eca5b7b8a92de9baf9cec15db5a3db4322c8309f
-
SHA256
3be1f2e91087e70168b346a37976a3b2c3bd88b40d93a64c83187bbec6be7ca3
-
SHA512
e08687285da7490a242876793e89f4bd7f05a02735c14496273f0c07b6794a136f0cd9e6018a8e97aa145af03ff4ea7b71a93bb5e21ab553fdb116099e7613d2
-
SSDEEP
3072:AtEmB3zECZe1h0/41CUs7khKihyoAfH1fOwELa:AamBzECZeQBjkhKihHAfHDE+
Malware Config
Extracted
mirai
UNST
Targets
-
-
Target
32710x004000000x00461fd0m.dmp
-
Size
134KB
-
MD5
ae34e315b05ddb0f6122bd86f65e545c
-
SHA1
eca5b7b8a92de9baf9cec15db5a3db4322c8309f
-
SHA256
3be1f2e91087e70168b346a37976a3b2c3bd88b40d93a64c83187bbec6be7ca3
-
SHA512
e08687285da7490a242876793e89f4bd7f05a02735c14496273f0c07b6794a136f0cd9e6018a8e97aa145af03ff4ea7b71a93bb5e21ab553fdb116099e7613d2
-
SSDEEP
3072:AtEmB3zECZe1h0/41CUs7khKihyoAfH1fOwELa:AamBzECZeQBjkhKihHAfHDE+
Score9/10-
Contacts a large (20596) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-