General
-
Target
306975e3a9f94fb1917230757c9f80ac
-
Size
52KB
-
Sample
231219-2ttxksedan
-
MD5
306975e3a9f94fb1917230757c9f80ac
-
SHA1
782104b61da50aa5c0b198a5bcc6b362cc295e16
-
SHA256
79162af29b646d79347366898542aabde07ca6ecd844a8b3e872bfcfebd93af6
-
SHA512
946ad7a65e44c20a451978e0221b52a80839f5518b23643244b284a6a7f0f1bb9f7a0812f95970d6efb4c744d669306157dd4dee19eb26b83979cde9a631eb64
-
SSDEEP
768:9JomkQ+czIzxisfjo9tBJM9IgNuIq8gARmVb5YUCfk9q3UELgCV7tn1BdSFzty1D:cmpgDjo9tBbgNuejSDCVLgChajyD
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
306975e3a9f94fb1917230757c9f80ac
-
Contacts a large (19847) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-