General
-
Target
a7c5dbe95f7ea92763fe3717eac389db
-
Size
53KB
-
Sample
231220-m49cpacbgq
-
MD5
a7c5dbe95f7ea92763fe3717eac389db
-
SHA1
06d3215cddce9f47ee9b323e66f97e89b2b94dc0
-
SHA256
a9ea4e908d20dc512aa13260476900240c6e82a08bc671a0b3b59324ddbdf373
-
SHA512
2fe794fdd395ea057cc66f609b9744e460c119b36f9cb35f6096626579bf3f39d4f582561ff7f75ab929e918ea8e7fae4fe6a6f514ff960b3b32d5a441dc5a28
-
SSDEEP
768:BZg7NCrxFSxf35t4zMPTI5tKM9S2iXzaujixOpGvvvbuLj53fkejfImiwwQwMJB:SCfSx/5t4zMPT+tx9SLXzsOpwsW8Z
Behavioral task
behavioral1
Sample
a7c5dbe95f7ea92763fe3717eac389db
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
Score
9/10
-
Contacts a large (1373981) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-