General
-
Target
919b7b2efdb80ac92b982b71b3eaa9e3
-
Size
29KB
-
Sample
231220-jtll4adfd9
-
MD5
919b7b2efdb80ac92b982b71b3eaa9e3
-
SHA1
7f462f1a0d521909eeedb05a42d2659ddc26cd35
-
SHA256
bb005ccbf852f2162f143f4c0a4632e1a60bb1cf519da738f66b9a9811aadb17
-
SHA512
3b068e6f8b089c9e99f376a27043c00568c9ca185d6c42cb03b9ed26e75038fa758b44f341294b037332b866b4f22018321690373051e47e5ad2b972150bb8fd
-
SSDEEP
768:9FoxdX+IoMKVUfzaP1urxIGyYUzpzAhDxZMs3UozZ:9F2+IoXVeNIlzpzArzZ
Malware Config
Extracted
mirai
UNST
Targets
-
Contacts a large (20110) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-