General
Target: 43edfaeb5aaf5b0f88c5e1af03e4f2e0
Size: 29KB
Sample: 231219-225n2schb9
MD5: 43edfaeb5aaf5b0f88c5e1af03e4f2e0
SHA1: e6eb1dbcb54565d71d0edf4f362c9a708762dc70
SHA256: 88540b90064aaee7b073dab7323e466060c6b582d08273fe3a9c7d69a63b4b8d
SHA512: f640a3e27f18b94982a0cdc2c17dc857278494856cb5028062b1778064dbabd53408fd14c50464b74db25792d2618d14dce72095533bb2e55f1f8d0ea184d924
SSDEEP: 768:MsUBacyByf/2KXyaeeDpV6JxY3BGEbOorjt2ls3Uozj:MsA/20yalvRBGEb51Pzj
Malware Config
Extracted
mirai
UNST
Targets
Target: 43edfaeb5aaf5b0f88c5e1af03e4f2e0
Contacts a large (20582) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Enumerates running processes
Discovers information about currently running processes on the system.