General
-
Target
91854a17591ee72c2c954f02283d40a0
-
Size
57KB
-
Sample
231220-jtkd2adfd4
-
MD5
91854a17591ee72c2c954f02283d40a0
-
SHA1
c03353fa4e801d24feb7143afbcf1f2be32a7289
-
SHA256
670257e0204106dd948b20500ee3000f324f8550a99e19e9fd28b5613355d25b
-
SHA512
f36ec75c90581f36a8805d02b510769a8715897835b2c18b883fdbacd639ede77370b68ecaf4a0149932184dc11a002c69d36b4735e94d31dd08e74319cb8c57
-
SSDEEP
1536:0A0PisFrZ3W5XPynSszIV8LIB/yizMSe:30aurZs+Ssz1LIB/yEMSe
Behavioral task
behavioral1
Sample
91854a17591ee72c2c954f02283d40a0
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
-
-
Target
91854a17591ee72c2c954f02283d40a0
-
Size
57KB
-
MD5
91854a17591ee72c2c954f02283d40a0
-
SHA1
c03353fa4e801d24feb7143afbcf1f2be32a7289
-
SHA256
670257e0204106dd948b20500ee3000f324f8550a99e19e9fd28b5613355d25b
-
SHA512
f36ec75c90581f36a8805d02b510769a8715897835b2c18b883fdbacd639ede77370b68ecaf4a0149932184dc11a002c69d36b4735e94d31dd08e74319cb8c57
-
SSDEEP
1536:0A0PisFrZ3W5XPynSszIV8LIB/yizMSe:30aurZs+Ssz1LIB/yEMSe
Score9/10-
Contacts a large (1597035) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-