General
-
Target
ac93cfbd088b6d98146172ab95767fe0
-
Size
111KB
-
Sample
231220-ntbt4shfh6
-
MD5
ac93cfbd088b6d98146172ab95767fe0
-
SHA1
5e592aa604f1d3433f46083ff2c889e0baf32acb
-
SHA256
bbb89a38aa340a701ce8bfbf52005710e5b0d12b4fb3528b27f70889d1fe2ede
-
SHA512
1515612fa0cdea89db73a6609544b64ce2f4652dca0c31b40d65832622aa044e3f8dbf1df0f15249d274738a27491c5891b53fee1c3b61953574ce1f8fb811de
-
SSDEEP
3072:hJza3vZhQ/R9UA7hAt8vfsmXiXa+kEYM/9Tgxr:hJza3vkJ7hAt8vUm6a+k3M/9kxr
Behavioral task
behavioral1
Sample
ac93cfbd088b6d98146172ab95767fe0
Resource
debian9-armhf-20231215-en
Malware Config
Extracted
mirai
LARRY
cnc.junoland.xyz
scan.junoland.xyz
Targets
-
Target
ac93cfbd088b6d98146172ab95767fe0
-
Size
111KB
-
Score
9/10
-
Contacts a large (76013) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-