General
-
Target
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c.elf
-
Size
50KB
-
Sample
240103-sx7heafghq
-
MD5
a4794bb37006b30ce3c5130f5995539d
-
SHA1
507e778072907136be778b5af52702954f0da95b
-
SHA256
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c
-
SHA512
4d563d0151cf29cd5f593511f857610f3f5b711edfd77453e967e46494e277e03027baa1fbf439475a0890e18730e896289f4d6e6b64e7bbbb6299e4b2b8630d
-
SSDEEP
768:ytYRSjaQ9DaZFoJlExakbMqu8iHERkvKy+hRlOTm/4RsvKQLDJ1gMjz:WYRSjaCurwlP/4ly+h7Oq/4G3LN1gMv
Behavioral task
behavioral1
Sample
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c.elf
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
CONDI
raw.onlyslq.lol
Targets
-
Target
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c.elf
-
Score
9/10
-
Contacts a large (55269) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-