General
-
Target
arm7
-
Size
58KB
-
Sample
240212-xb3pjscf52
-
MD5
60b10da752b888d644e650933a3379f2
-
SHA1
3ed6c0b972869da6273757f3f1c94d8d351d11dc
-
SHA256
4e2c5513cf1c4a3c12c6e108d0120d57355b3411c30d59dfb0d263ad932b6868
-
SHA512
002a6e7f6c4d909056cc51e227fcc8c776ccad9d1e600513a83ce4876cd035bb12f129ca3a1a48d21d76bd654058c19af55fe3d3a66186786779dc8bf4df8e4b
-
SSDEEP
1536:vPsS3RDMckLByMgLGohIovgh5/CLNh4Mt/hr25eg2:vPsSBDMcnxzQh5qLNhH3K5S
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
arm7
-
Size
58KB
-
MD5
60b10da752b888d644e650933a3379f2
-
SHA1
3ed6c0b972869da6273757f3f1c94d8d351d11dc
-
SHA256
4e2c5513cf1c4a3c12c6e108d0120d57355b3411c30d59dfb0d263ad932b6868
-
SHA512
002a6e7f6c4d909056cc51e227fcc8c776ccad9d1e600513a83ce4876cd035bb12f129ca3a1a48d21d76bd654058c19af55fe3d3a66186786779dc8bf4df8e4b
-
SSDEEP
1536:vPsS3RDMckLByMgLGohIovgh5/CLNh4Mt/hr25eg2:vPsSBDMcnxzQh5qLNhH3K5S
-
Contacts a large (73694) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-