General
-
Target
4e946e8956924d95d46250d1beac6b53
-
Size
157KB
-
Sample
231219-26wxpsbdfl
-
MD5
4e946e8956924d95d46250d1beac6b53
-
SHA1
09e4318782e17c3e662817005aec29ed511d1bf1
-
SHA256
90b5e729c46a964887ee2995f88c7d5985f010747df90a09a550495a486bc740
-
SHA512
f6295f2a69662ae0c9cb5a70d4037bac7dc078a13d532c3df31d852ef919ac30266db6faab3a4374fcbe2bac9b90e945a68a57c595b0627754578154c9de57ab
-
SSDEEP
3072:zfm3+bfkM2MFhedk++nLaa8MA8+Vo86Ooa9YEvj+uYM/9yy8j2Yp:Lm3ofJQdYLaa8MA8+Vx6OXvj+FM/9ydn
Behavioral task
behavioral1
Sample
4e946e8956924d95d46250d1beac6b53
Resource
debian9-armhf-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
-
-
Target
4e946e8956924d95d46250d1beac6b53
-
Size
157KB
-
MD5
4e946e8956924d95d46250d1beac6b53
-
SHA1
09e4318782e17c3e662817005aec29ed511d1bf1
-
SHA256
90b5e729c46a964887ee2995f88c7d5985f010747df90a09a550495a486bc740
-
SHA512
f6295f2a69662ae0c9cb5a70d4037bac7dc078a13d532c3df31d852ef919ac30266db6faab3a4374fcbe2bac9b90e945a68a57c595b0627754578154c9de57ab
-
SSDEEP
3072:zfm3+bfkM2MFhedk++nLaa8MA8+Vo86Ooa9YEvj+uYM/9yy8j2Yp:Lm3ofJQdYLaa8MA8+Vx6OXvj+FM/9ydn
Score9/10-
Contacts a large (197206) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-