General
-
Target
c515be3733d30b4cf00ffbf6a6adf636
-
Size
63KB
-
Sample
231220-rne65acec6
-
MD5
c515be3733d30b4cf00ffbf6a6adf636
-
SHA1
ea3c29f2e0ed4198f6765c8433257c5bdb6a80f7
-
SHA256
4b73ff46a23d44a062bb9b665d1c53fdb65c9bb314b3c3afc3707d548fc21661
-
SHA512
d42a8bc1e32d98818847c0a8a773dcc9ed83ce572d1f7e2b4c53d6e8cff99a8f070e91af5fcf8205310a70af706a8a941d3d67413cea34dd14611948eaca0863
-
SSDEEP
1536:IvIvW1kAd/8oVfe+aoIKl408epTRpYmNWaxEVnL03XSw23vH7s8h:IvBeBKe1CNpY+xEqH7yV
Behavioral task
behavioral1
Sample
c515be3733d30b4cf00ffbf6a6adf636
Resource
debian9-armhf-20231215-en
Malware Config
Extracted
mirai
LARRY
cnc.junoland.xyz
scan.junoland.xyz
Targets
-
-
Target
c515be3733d30b4cf00ffbf6a6adf636
-
Score
9/10
-
Contacts a large (234573) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-