General
-
Target
8e09ce63b913be6f161f94738d62b24c
-
Size
31KB
-
Sample
240212-wt6y9ace37
-
MD5
8e09ce63b913be6f161f94738d62b24c
-
SHA1
a81171394b9e1a837463e91e207ce955cbf2a87f
-
SHA256
b9d92f637996e981006173eb207734301ff69ded8f9c2a7f0c9b6d5fcc9063a2
-
SHA512
526197e30fcb5e56066381c6d13566b632cb1c9470000cb0b558b0141f3171fcc11f6144744546a040c6f214012ababb4f2a62371e9818b1b3d141dad5a9b543
-
SSDEEP
768:Czc5814KRScHTqA4kOp2OITxWr/t9IGr7rs3UozL:4NRScHN+PHr7WzL
Malware Config
Extracted
mirai
MIRAI
Targets
-
Contacts a large (62430) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Deletes itself
-
Deletes system logs
Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Deletes log files
Deletes log files on the system.
-