General
-
Target
3063db1d8b9970df0c740e8c7d5b9bfa.elf
-
Size
34KB
-
Sample
230721-qq8qsafd2v
-
MD5
3063db1d8b9970df0c740e8c7d5b9bfa
-
SHA1
69fb67be086affc9cd4940db800bb58fc98df77a
-
SHA256
d1382ae79bfca963d493ada55cdc759a2c809d66020c55722b0016f6c6522874
-
SHA512
566c2fc1e9a59732c169d1750b74bcbd04af35a0bc906169f3a19f4ab7fc8348bdfce9749b974ef5480c8daefc017cd428b68ec8972eaeac9e4370cb3da6c6cd
-
SSDEEP
768:2KDYrnxTs7hkm8/XWfFMHNDuCQ8eupoEIwURusnbcuyD7UfyqV:2DFi8vaFMHNysIwUNnouy8qqV
Malware Config
Extracted
mirai
UNSTABLE
bp.skyman.cloud
Targets
-
-
Target
3063db1d8b9970df0c740e8c7d5b9bfa.elf
-
Contacts a large (205351) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-