General
- Target: 3c0b2a4838db32db7c1d3a03cc318da7
- Size: 52KB
- Sample: 231219-2y6f6sgchm
- MD5: 3c0b2a4838db32db7c1d3a03cc318da7
- SHA1: 6c3d1c890f58dc21966a5d08f7eb99d3cbf4575d
- SHA256: 1455ca0d9e1cec7d655c4388f5346a9034af60dea1123e3e6e1dbb86ce2ac725
- SHA512: e917b3d5f965e3564752a73dced36bdda6b6ee7113a54399222ec99791f02551a90510392a1ddc2aa2001499a4d5166654c79e40810b7072d926f738b1ffe3a7
- SSDEEP: 1536:zXbe89+Kie80sDieYnzWaI59M+6UbbAmW6cd0:zCr0s3Y5U9M6bbAEe0
Malware Config
Targets
- Contacts a large (20431) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system.