General
Target: c255b2b59a1fd3af9f0183acbe060d24
Size: 68KB
Sample: 231220-rgn6fsfedr
MD5: c255b2b59a1fd3af9f0183acbe060d24
SHA1: 44c2c59b1f05bc0771ff5f9441eb5e3bfa6248eb
SHA256: 2c53a2999089d5af5e66b5277fcf5e4cb77d513e214a18d73af1304aace025cc
SHA512: 52a0f4d685d13d1723ff0a5d9fb59effa44c15d5237350a765479f34ffaa0ff0f3d977fef0ea3f339f4c495176621bf9a5c301fa19a8a08578f0f8e0b70d0beb
SSDEEP: 1536:ZU5YTemBvU55rIVRNjfsbNWVgIqnnh3BIcPwwaTaZturrSjVnw:PTeSM55rIVR9sbMVfqnh36uwLTccrx

Behavioral task: behavioral1
Sample: c255b2b59a1fd3af9f0183acbe060d24
Resource: ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
BOT
Targets
Score 9/10

Contacts a large (342898) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Enumerates running processes
Discovers information about currently running processes on the system.

Writes file to system bin folder