General
-
Target
5edbd42266341034daa0a0302c758586
-
Size
77KB
-
Sample
231219-3cs5dsecbr
-
MD5
5edbd42266341034daa0a0302c758586
-
SHA1
4b5ef476f5c6dcafa730f9f6740d34278faabdbb
-
SHA256
2f597a70d57ebd3246a0bd05f62b074473dc87d0ecb05cb85252025df892ae39
-
SHA512
2f32203a883d398276f457979c28462e8211ab1ed83a1d048f6bf387a0f8b0c717aaee839e813434eede342d28358ecf5482bbfaac53900026bae707f95f6380
-
SSDEEP
1536:pFD2PlwH2NJBd8t45hDvqecY1/UcnA7fAGe77WRJiy8nTK4yxRnK:jDClJ84GK/dA7fAGe76+ye
Malware Config
Extracted
mirai
BOT
Targets
-
-
Target
5edbd42266341034daa0a0302c758586
-
Size
77KB
-
MD5
5edbd42266341034daa0a0302c758586
-
SHA1
4b5ef476f5c6dcafa730f9f6740d34278faabdbb
-
SHA256
2f597a70d57ebd3246a0bd05f62b074473dc87d0ecb05cb85252025df892ae39
-
SHA512
2f32203a883d398276f457979c28462e8211ab1ed83a1d048f6bf387a0f8b0c717aaee839e813434eede342d28358ecf5482bbfaac53900026bae707f95f6380
-
SSDEEP
1536:pFD2PlwH2NJBd8t45hDvqecY1/UcnA7fAGe77WRJiy8nTK4yxRnK:jDClJ84GK/dA7fAGe76+ye
Score9/10-
Contacts a large (194136) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-