General
-
Target
57313fba01a8f65c33ef6fc3f36c94c7
-
Size
50KB
-
Sample
231219-29zsrsfhf7
-
MD5
57313fba01a8f65c33ef6fc3f36c94c7
-
SHA1
79ab11649f67b499e7ef64e4b2d3e5d4464a43a2
-
SHA256
26f86c95d83d793e939858ab53af033d56f5081f2a03d6d8384ab68a1398e909
-
SHA512
5100ad3d8cdc513011c2f301e4c4ad98cf5a141618beaedbf91e70a808e311c649106adc177033f94ec0bc2921c5eb8713a4bf58f0577b20e55ebf3d7d02bae7
-
SSDEEP
768:Xtp5yZZNbJTUUEGxSXd726r1VGfs8NSQMeRax2b39q3UEL+0DpuS/mV9pkL:XtuZZVJjEX+NSQM/xEGLN4S/mPpy
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
57313fba01a8f65c33ef6fc3f36c94c7
-
Contacts a large (20367) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-