General
-
Target
fdfdcab48454fe15fbb5d6f371efc14c
-
Size
75KB
-
Sample
231220-wg955segf4
-
MD5
fdfdcab48454fe15fbb5d6f371efc14c
-
SHA1
8e56739d8a9b146d4adef73eb4ff3084d8378a52
-
SHA256
5806b2ef309f4a64e758be9aec585ab837ef10641451f18126f799722626bb06
-
SHA512
1bfb905005738f0eb60bbf26e2483823c8b6a879247135f6c7de4db2146adca4742d50513d8398a570591cbf7d68c8d4e64315e30600ecf5113e1758fa49b3d0
-
SSDEEP
1536:tAL4lj6y0ZYft7ScEq7QhQNEBQ79gsS8e:tAij6yIFq7jBw
Behavioral task
behavioral1
Sample
fdfdcab48454fe15fbb5d6f371efc14c
Resource
debian9-mipsel-20231215-en
Malware Config
Extracted
mirai
LARRY
cnc.junoland.xyz
scan.junoland.xyz
Targets
Target
fdfdcab48454fe15fbb5d6f371efc14c
-
Score
9/10
-
Contacts a large (177897) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-