General
-
Target
589-1-0x0000000008048000-0x0000000008058940-memory.dmp
-
Size
64KB
-
Sample
230827-a4h5aagd9v
-
MD5
9f6325cf3e4cbcd88d62273a7b6636dd
-
SHA1
27b07e643cc1077b0ed08fe516ed5f95213371c6
-
SHA256
38f0061b30a42bb225b1830bb04cbd85745bac649eedfdaeeca59d12d2d06f57
-
SHA512
94380e53db38ba6deb6fe4029ab6b0bad09a225de4e04704ffde84b353eb4ff21a81f1fcd74f595ba41c5f8706935c6797dde4d40afce80eeaf9e1ccaa122707
-
SSDEEP
1536:VTCqenxnnMOskxk+QbUKO4Dy+fArjhwZYcAru13Z:4qExnnM2eNUH4Dyumjhw2Nry
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
-
Target
589-1-0x0000000008048000-0x0000000008058940-memory.dmp
-
Size
64KB
-
MD5
9f6325cf3e4cbcd88d62273a7b6636dd
-
SHA1
27b07e643cc1077b0ed08fe516ed5f95213371c6
-
SHA256
38f0061b30a42bb225b1830bb04cbd85745bac649eedfdaeeca59d12d2d06f57
-
SHA512
94380e53db38ba6deb6fe4029ab6b0bad09a225de4e04704ffde84b353eb4ff21a81f1fcd74f595ba41c5f8706935c6797dde4d40afce80eeaf9e1ccaa122707
-
SSDEEP
1536:VTCqenxnnMOskxk+QbUKO4Dy+fArjhwZYcAru13Z:4qExnnM2eNUH4Dyumjhw2Nry
Score9/10-
Contacts a large (154034) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-