General
-
Target
9959789f4c05f385198facd59df4f748
-
Size
101KB
-
Sample
240213-nztxwaac34
-
MD5
9959789f4c05f385198facd59df4f748
-
SHA1
cf96b7e0ce031d0338bdf454b6fe66c01c1e4c4b
-
SHA256
17e0fa0255b44e6fe8a3a2d20ec1437e989c2a447b4818670a8ed217fd250613
-
SHA512
0ff8f1b2dedd02a29f59008e089530431b9e4b1dc5a3c6e4435add0e603e8dca3e04a2f170af66452c9aad6abfdb89e9cadd34d033c051d3b0e473e14c92c1f9
-
SSDEEP
1536:GMCZDhrnNEakym2kF8ww0HkP//OndD2E/LJ2UeoEX:qDVNEw+FX1LqX
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
9959789f4c05f385198facd59df4f748
-
Size
101KB
-
MD5
9959789f4c05f385198facd59df4f748
-
SHA1
cf96b7e0ce031d0338bdf454b6fe66c01c1e4c4b
-
SHA256
17e0fa0255b44e6fe8a3a2d20ec1437e989c2a447b4818670a8ed217fd250613
-
SHA512
0ff8f1b2dedd02a29f59008e089530431b9e4b1dc5a3c6e4435add0e603e8dca3e04a2f170af66452c9aad6abfdb89e9cadd34d033c051d3b0e473e14c92c1f9
-
SSDEEP
1536:GMCZDhrnNEakym2kF8ww0HkP//OndD2E/LJ2UeoEX:qDVNEw+FX1LqX
Score9/10-
Contacts a large (20167) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-