General
-
Target
3bd290c9211cc6fca5d94428aaede4e9
-
Size
56KB
-
Sample
231219-2y3qaabef5
-
MD5
3bd290c9211cc6fca5d94428aaede4e9
-
SHA1
362bd4ecb75c2b9d19b904d6d7a2cc8fb31d51f2
-
SHA256
d74519a81c618b60d541799a808fe6f8fec5df97ff2bc2b92f49fdd1a7d1ef36
-
SHA512
a7062ec6ed5a3cd0fa683fc53633e8d1806c43a2d004fdfbc579f573a23e12d1e2fdda012c42a34e844b69a28d35e3b7b6983f8a0dc3ada941b4a7a541ffb331
-
SSDEEP
1536:MGtVWuokUhsphjSlvsfBN52mdaGGkwC6sU62DfEGQbs:xWuo9yphjSlvIBD2mtGk6fFGbs
Malware Config
Extracted
mirai
BOT
ch.silynigr.xyz
horse.silynigr.xyz
Targets
-
-
Target
3bd290c9211cc6fca5d94428aaede4e9
-
Size
56KB
-
MD5
3bd290c9211cc6fca5d94428aaede4e9
-
SHA1
362bd4ecb75c2b9d19b904d6d7a2cc8fb31d51f2
-
SHA256
d74519a81c618b60d541799a808fe6f8fec5df97ff2bc2b92f49fdd1a7d1ef36
-
SHA512
a7062ec6ed5a3cd0fa683fc53633e8d1806c43a2d004fdfbc579f573a23e12d1e2fdda012c42a34e844b69a28d35e3b7b6983f8a0dc3ada941b4a7a541ffb331
-
SSDEEP
1536:MGtVWuokUhsphjSlvsfBN52mdaGGkwC6sU62DfEGQbs:xWuo9yphjSlvIBD2mtGk6fFGbs
Score9/10-
Contacts a large (245933) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-