General
-
Target
d4933d467e1da4f2f1599438776f98ed32a91ff88e19d90bd7ff4fe18d185005_JC.elf
-
Size
66KB
-
Sample
231001-zhzmksfb52
-
MD5
42060e4a7b0aca6bd8d200977b2f8bf9
-
SHA1
5cf1c3414af79da593e4f087424be2146ac653b7
-
SHA256
d4933d467e1da4f2f1599438776f98ed32a91ff88e19d90bd7ff4fe18d185005
-
SHA512
302a6877dae54fd1a19b619fe157b33aafc314f4f6990bd7961b01b8ad7c5d72692689a4e434248aaa368416242062577d0fc74986378a77a281902d92d26478
-
SSDEEP
1536:Tfu73WGGE0DUm8lquk5OTeGdkmM1bK148/yUVI:6Z10DU3lqVZCkmMBK14HUV
Behavioral task
behavioral1
Sample
d4933d467e1da4f2f1599438776f98ed32a91ff88e19d90bd7ff4fe18d185005_JC.elf
Resource
ubuntu1804-amd64-20230831-en
Malware Config
Extracted
mirai
api.tcprestt.top
Targets
-
-
Target
d4933d467e1da4f2f1599438776f98ed32a91ff88e19d90bd7ff4fe18d185005_JC.elf
-
Score
9/10
-
Contacts a large (23993) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-