General
Target: 2b3890f6e22aa66490e711a86f1a1aa4
Size: 133KB
Sample: 231219-2rwcmadddq
MD5: 2b3890f6e22aa66490e711a86f1a1aa4
SHA1: 7fcb8e217129639918c9c7e34b1c68eb1e6f7bc7
SHA256: d44ec3b18b13761a629d1b21e0ee694c9145ff080a483809708adfda3b2506bc
SHA512: de443f1b429b0e4cf0747b1ae3546b09bf9e8cc12aeaceb7fffdc6e26d6da78cdbf81ab77f24ce3a9f14d4ef470216b9d72552b646d29fe35c14d3f98d7d9995
SSDEEP: 3072:He+84qQM21xxbDlXqt2Lhpf+fvq99D+b/QM/9m7+:++84qEPXE2Lhpf+Xqn+boM/9E+
Behavioral task: behavioral1
Sample: 2b3890f6e22aa66490e711a86f1a1aa4
Resource: debian9-armhf-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
Target
2b3890f6e22aa66490e711a86f1a1aa4
Score: 9/10

Contacts a large (384506) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Writes file to system bin folder