General
-
Target
a4794bb37006b30ce3c5130f5995539d.bin
-
Size
27KB
-
Sample
240104-b4jw9aghe3
-
MD5
7da671bcc18373558552d501673e94b1
-
SHA1
02c0a49be90c7ebc3602acd7b9c0732ad3336773
-
SHA256
c79201eb9323f8fd6e3c3c87420bde628b3ffd4aa1178ed646a6f9b9b2ec1eda
-
SHA512
2915af54cec5e5294bb73ae19f2913a467dc6b0e06a149fa1174def4feaf059cb3a3991f1ec49a6526890055b32f4e23960ff99e1af36274cba6e2eafa85e41d
-
SSDEEP
768:F1aVMJg1JIQaV7OXqAJ/jA6VXEAdaWA4ni3:F1auJg7IQa18XECami3
Behavioral task
behavioral1
Sample
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c.elf
Resource
ubuntu1804-amd64-20231215-en
Malware Config
Extracted
mirai
CONDI
raw.onlyslq.lol
Targets
Target
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c.elf
-
Size
50KB
-
MD5
a4794bb37006b30ce3c5130f5995539d
-
SHA1
507e778072907136be778b5af52702954f0da95b
-
SHA256
a22e3e18da3a7ff50e1079ef579a200f3e5143dbfb6e45d97467e9f4638b9e6c
-
SHA512
4d563d0151cf29cd5f593511f857610f3f5b711edfd77453e967e46494e277e03027baa1fbf439475a0890e18730e896289f4d6e6b64e7bbbb6299e4b2b8630d
-
SSDEEP
768:ytYRSjaQ9DaZFoJlExakbMqu8iHERkvKy+hRlOTm/4RsvKQLDJ1gMjz:WYRSjaCurwlP/4ly+h7Oq/4G3LN1gMv
Score
9/10
-
Contacts a large (56428) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-