General
-
Target
59d0c47643ef28788423c23e6f94e3a9
-
Size
53KB
-
Sample
231219-3aybbsgda8
-
MD5
59d0c47643ef28788423c23e6f94e3a9
-
SHA1
26afab5db44f6724f9b867fc9e8ea878da4461a7
-
SHA256
9ed99afab05516bd9185647f6e00df8503c587b37b016a1d5ca12556918b4c6a
-
SHA512
c0ec67df6b5707dbd07baf32b0369864a150781e262fca011017af2ef4dd43698ef6a53065cba64b83d604261afbd0b8802d191599ca26dc348e8e0d6abac2f5
-
SSDEEP
768:P3AwpJxZdMnkfEkhGt3PcbISKXK89yWiX4OjixOEeKbAC2V053/kCdIdEdj:JxknkBGt3Pcbdy59yrXqOEe5RKKE9
Behavioral task
behavioral1
Sample
59d0c47643ef28788423c23e6f94e3a9
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
Score
9/10
-
Contacts a large (1654458) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-