General
-
Target
73618a35f44e26bc9befa104bf9e22161b3dffeca612b0b2e695b8797196213a_JC.elf
-
Size
29KB
-
Sample
231012-td1fescd48
-
MD5
9b824f1fa12e28d01a2fbffa847e457f
-
SHA1
a78d8313b9655406ee2f53d9289c548526e06d3a
-
SHA256
73618a35f44e26bc9befa104bf9e22161b3dffeca612b0b2e695b8797196213a
-
SHA512
64bcc1c9a2c08d5c07802439dec142b8480013482ad79afd32a7aee863f23b1b5f7e9df13bf65eb4485c7cf2e9657f55289af69625f45bcf5d50b05030efbc2e
-
SSDEEP
768:UN8fWlfoQmQAXV7EmQciiRcLprDKTSjgq2:IMNXFl7zN4PwB
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
73618a35f44e26bc9befa104bf9e22161b3dffeca612b0b2e695b8797196213a_JC.elf
-
Contacts a large (20072) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-