Overview

overview

10

Static

static

10

74160bef0c...d0cad7

ubuntu-18.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    74160bef0cc37b49b87973ca2dd0cad7

  • Size

    64KB

  • Sample

    231220-apseeaegc3

  • MD5

    74160bef0cc37b49b87973ca2dd0cad7

  • SHA1

    043fefd2ff959f0357a8c8fad3930149f9129e27

  • SHA256

    4dbf4de0adca8e5df71942482e016ae6d1ba7067824d9235388059ebece9088e

  • SHA512

    38102db9dfff79daceeeae571477b9f9b372af01de7961fe6f82e8cd722b62a9c0520434d463026a59e9c06794279fddbd7c4db4fe4fbec2649f1cf302abc175

  • SSDEEP

    1536:Id9y7XhZa8I35AeTWxxEf5d977SWAr/xNtieV96xbw4H:c9y7hZa8I35AeTWxej93SWO/lie76Z5H

Score
10/10
mirailzrddiscoverylinux

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      74160bef0cc37b49b87973ca2dd0cad7

    • Size

      64KB

    • MD5

      74160bef0cc37b49b87973ca2dd0cad7

    • SHA1

      043fefd2ff959f0357a8c8fad3930149f9129e27

    • SHA256

      4dbf4de0adca8e5df71942482e016ae6d1ba7067824d9235388059ebece9088e

    • SHA512

      38102db9dfff79daceeeae571477b9f9b372af01de7961fe6f82e8cd722b62a9c0520434d463026a59e9c06794279fddbd7c4db4fe4fbec2649f1cf302abc175

    • SSDEEP

      1536:Id9y7XhZa8I35AeTWxxEf5d977SWAr/xNtieV96xbw4H:c9y7hZa8I35AeTWxej93SWO/lie76Z5H

    Score
    9/10
    discovery

    • Contacts a large (20660) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks