General
-
Target
bdf1cab65204ccae1530d529e75b2ea4
-
Size
37KB
-
Sample
231220-q68qqacafj
-
MD5
bdf1cab65204ccae1530d529e75b2ea4
-
SHA1
44fdabacf6290d2a9f39cccb56762d55cdd9324e
-
SHA256
7cdfd82ecbe11a5a767272f84ad8b23060018daea192ab37b7d67241f297c850
-
SHA512
4402c1981cb9769ba3fad25ace23b5cbf0b9f372262432b7cb117677128c3ba8e57164a06b850c8ba6b5c80a5dc1820e7ad7f94ffc7879adde8d07694fbbf36c
-
SSDEEP
768:7ddJesB5t8/2tO3FsgA8khW81/TYPPAqsrtA1RvxyN2aQyxO3Mkqx4n1hEW:PJBt8U8kb1/TYnAqYU8Vx4n
Behavioral task
behavioral1
Sample
bdf1cab65204ccae1530d529e75b2ea4
Resource
debian9-armhf-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
Score
9/10
-
Contacts a large (53625) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Writes file to system bin folder
-