General
-
Target
db0fa4b8db0333367e9bda3ab68b8042.x86
-
Size
32KB
-
Sample
230718-vc4l5acd48
-
MD5
c375339e398fd39a5203e791e5c37f67
-
SHA1
6afd9fbc01eccd4dfcd972604e4e2cc0119b8243
-
SHA256
c1e5375ed9fadc54370de6cf7758de7323409f29a198287f5a1e4a15cd07ac00
-
SHA512
50a32af8b09fc45bb62c21298d527004350a8746843bce25e04174cf3a4da89a5e0142cb68c2277696b24558dc15e833ed836dd217f574b4a8652242b9da92e9
-
SSDEEP
768:uNyFa59wp6bs++1xqjENnqgVDTDcFCA+0yF65rVifnbcuyD7Uiyqu:ug05qMbsX4qnz1t0Ifnouy8Zqu
Malware Config
Extracted
mirai
UNSTABLE
testbots.maizhangyu.top
Targets
-
Target
db0fa4b8db0333367e9bda3ab68b8042.x86
-
Contacts a large (180873) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-