General
-
Target
ed8039a626bfb139a168f31ee5326e31
-
Size
95KB
-
Sample
231220-vb2fdafhem
-
MD5
ed8039a626bfb139a168f31ee5326e31
-
SHA1
e7b41a9cb6b1fe9cf5607f82f48000794ce09f6d
-
SHA256
8f1b850d85f7751519c1042208cc6de9b65d60f24091cbae56f19abf08996a35
-
SHA512
1a67b2acc2d8faf8e92b2e70edbe1fb3d9dabb9076dd2b0be60e13fd2e35567d3ec833b2afe8cacf86604b0e5219b745876ade5f0284e4b0ecbf102e899fd563
-
SSDEEP
1536:MZ/OLIFAxV6QHydscmOqQqRRm0Tm/1CIzK5OdA8EK4ixRn2F:MZ/FWkQqqQqYCIztz6F
Malware Config
Extracted
mirai
BOT
Targets
-
-
Target
ed8039a626bfb139a168f31ee5326e31
-
Size
95KB
-
MD5
ed8039a626bfb139a168f31ee5326e31
-
SHA1
e7b41a9cb6b1fe9cf5607f82f48000794ce09f6d
-
SHA256
8f1b850d85f7751519c1042208cc6de9b65d60f24091cbae56f19abf08996a35
-
SHA512
1a67b2acc2d8faf8e92b2e70edbe1fb3d9dabb9076dd2b0be60e13fd2e35567d3ec833b2afe8cacf86604b0e5219b745876ade5f0284e4b0ecbf102e899fd563
-
SSDEEP
1536:MZ/OLIFAxV6QHydscmOqQqRRm0Tm/1CIzK5OdA8EK4ixRn2F:MZ/FWkQqqQqYCIztz6F
Score9/10-
Contacts a large (195477) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-