General
-
Target
0042fb25ff96fc1e11ff7e8919683e14
-
Size
52KB
-
Sample
231219-19pgcshfd8
-
MD5
0042fb25ff96fc1e11ff7e8919683e14
-
SHA1
3d3ff3b4c213b5c0e4b2bd13ebe787583d29ee51
-
SHA256
92b66f59dd047e2c2514206af9b85fc44e2ee1e8e9757bdbc90512f9a941a4fe
-
SHA512
b912662326f32c30c0279579ad656e9d1c1ab984aed3f70f858fa2f48b7ad235dedf36ef87d1d6c7d87d0122be94e301ae5628b7811d3a7dcf0dd1fcb16076da
-
SSDEEP
1536:hOIlMtSFSIhqUXKpdhi41Hf/ZVxrLv8WH0:hOmMoBlapbief/Z3rLF0
Malware Config
Extracted
mirai
UNST
Targets
-
-
Target
0042fb25ff96fc1e11ff7e8919683e14
-
Contacts a large (20121) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-