General
-
Target
9065978aa0252f7e70aaecd616602d12.bin
-
Size
27KB
-
Sample
230825-b24tmsab3w
-
MD5
db958a9bb4cc9f4045db93ceb724c942
-
SHA1
4b1b4528d6d9ffdf1b07615dc0a527b24762cda4
-
SHA256
848af283e01bb40a038c014694fd22628a5ca0ac96ff8dd1a7e4bf1281011558
-
SHA512
8ae17287e33a53a3ff167403e638beb32bbd56c013c1d0d6756283e3efb11dbf0fb7845c2e5f6ae7cc8e0ba3ffe3b76f8d87050245280eb6b43356b1c1e1e291
-
SSDEEP
768:DAPbyt+/zhgyHkT/lN4ISP+n1J/XIyOc3ZX0B1HxxY:DAPbyt+/lNEL4kfJOc10B3xY
Behavioral task
behavioral1
Sample
0361a1a77cef36cea5fee27905b39ceeac0ec0812c8eb36f9a6771ced6aad7e5.elf
Resource
ubuntu1804-amd64-20230712-en
Malware Config
Extracted
mirai
CONDI
cnc.condinet.cf
report.condinet.cf
Targets
-
-
Target
0361a1a77cef36cea5fee27905b39ceeac0ec0812c8eb36f9a6771ced6aad7e5.elf
-
Size
50KB
-
MD5
9065978aa0252f7e70aaecd616602d12
-
SHA1
e11a21dff0e6332fcde2303d8d98b835e2b79ea9
-
SHA256
0361a1a77cef36cea5fee27905b39ceeac0ec0812c8eb36f9a6771ced6aad7e5
-
SHA512
35b375ba43b81cdda9a319bfa4653a3f239f22caf61f309b7e15dbb4e144bf3296abaf848610c38e4dee65c055f6f71d3b1852a6218f1e63c1040f382ef1af12
-
SSDEEP
768:ytYRSjaQ9DaZ/oJNExakbMqu8iMlkvKy+h9lCTm/4RsvKQLDJIgMjz:WYRSjaCu1wNPElly+hPCq/4G3LNIgMv
Score9/10-
Contacts a large (57190) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-