General
-
Target
59c3de50f4d37e8e14f272f6dd4017be
-
Size
29KB
-
Sample
240114-aeq4lagdfq
-
MD5
59c3de50f4d37e8e14f272f6dd4017be
-
SHA1
0921682e7fc635b87146cbaadd6ea99cfcdac8e2
-
SHA256
97a666c7b67f68c241b7ed573f896b8270f90f219786ac28ae6b5ec5f88deddc
-
SHA512
9298a12d2f0699e9fb7c92012490a9b51a0ae7da7507dc1ce7cb08e40cf7b7bc296cd2649d2ff4ae50c5fce33ee800a7fd908356e2f2ba274510724c650f9ec1
-
SSDEEP
768:1I4Xb1OBviHZPtp7WO+VaQxOxTedf9p//3EEmylmb/5s3Uoz6:W4BOBvi5P+OCaQ0Tk9/0vKW8z6
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
59c3de50f4d37e8e14f272f6dd4017be
-
Contacts a large (20597) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-