General
-
Target
9939c45fc1529e42f18bfbebdc633283
-
Size
70KB
-
Sample
240213-mv4e3shb99
-
MD5
9939c45fc1529e42f18bfbebdc633283
-
SHA1
9b85a2a6de68bf96daa9817bb1dd204cbd5b0975
-
SHA256
5deff97f9c65c88e7fc6b4ca0345c439a5530a3ce39aa88483f67a1bba4671c4
-
SHA512
697d422ae1a5b11f98842246587611bcc3284c8397e66c028f4031d6e20cc4941f857e11e3b70bf6e6379341390a76e9eead52d712d19cc45f0869fb9eb85594
-
SSDEEP
1536:GbtexU5L9XouIRhb96pUQzXtwavaJ3V8OHxouJeZWDFI8EM:GbtexU0r8QCKw2Fbt
Behavioral task
behavioral1
Sample
9939c45fc1529e42f18bfbebdc633283
Resource
debian9-armhf-20231221-en
Malware Config
Extracted
mirai
LZRD
Targets
Target
9939c45fc1529e42f18bfbebdc633283
-
Score
9/10
-
Contacts a large (20389) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-