General
-
Target
b319fc73b03d7856a623a1788a33b330
-
Size
41KB
-
Sample
231220-prfkysaahj
-
MD5
b319fc73b03d7856a623a1788a33b330
-
SHA1
114c0b2e99d4fa6a7c4e7cd961da3aeaa4b9d872
-
SHA256
72b050b93d4417120425d0d406e7dc55235d5a7a940e5fe2ce9b420e32ddc85d
-
SHA512
ede5d6828f921d002760460a55d11b979e450abe73c14738e323765e22aa3129d5e4174d776571d8b266634efd14c1a0827887c890a23c1985bf2886cdb96f5d
-
SSDEEP
768:xP7QmlI4+6gN/KGTBP0COg0esgApOKhnXXGW1GOllOTJCn60hWZlrbCrrzXr3rrG:NQmlI4+6gRKABP0eTAx5XGWIOXgg606J
Behavioral task
behavioral1
Sample
b319fc73b03d7856a623a1788a33b330
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
-
-
Target
b319fc73b03d7856a623a1788a33b330
-
Size
41KB
-
MD5
b319fc73b03d7856a623a1788a33b330
-
SHA1
114c0b2e99d4fa6a7c4e7cd961da3aeaa4b9d872
-
SHA256
72b050b93d4417120425d0d406e7dc55235d5a7a940e5fe2ce9b420e32ddc85d
-
SHA512
ede5d6828f921d002760460a55d11b979e450abe73c14738e323765e22aa3129d5e4174d776571d8b266634efd14c1a0827887c890a23c1985bf2886cdb96f5d
-
SSDEEP
768:xP7QmlI4+6gN/KGTBP0COg0esgApOKhnXXGW1GOllOTJCn60hWZlrbCrrzXr3rrG:NQmlI4+6gRKABP0eTAx5XGWIOXgg606J
Score9/10-
Contacts a large (2717699) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-