General
-
Target
a2eab9c1c6ab993a9a2e5c6fb4b5d4f7
-
Size
104KB
-
Sample
231220-mgf3madcf5
-
MD5
a2eab9c1c6ab993a9a2e5c6fb4b5d4f7
-
SHA1
aa2135eb5a2a2d1b7bf32c9d66101edc9ae453c7
-
SHA256
b2322b23cc73d9d6c7030648135b37d9990ab5911e013c3bb5567f3170c32301
-
SHA512
6e80d61ed57c813ee3b902a8638225a43783a7b527fe6d53b0182e8059ba312dcca27d7c16d3682299521e8383813014620f268bc41c8552217afeb8f3579369
-
SSDEEP
3072:5GgscMcGQLXfUZIEyE85hw7wWzbljPM/9xVN8:5GgsSGQQZIEyE8rwxzbl7M/9xD8
Behavioral task
behavioral1
Sample
a2eab9c1c6ab993a9a2e5c6fb4b5d4f7
Resource
debian9-armhf-20231215-en
Malware Config
Extracted
mirai
LARRY
cnc.junoland.xyz
scan.junoland.xyz
Targets
Score 9/10
Contacts a large (53614) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-