General
-
Target
SecuriteInfo.com.Linux.Siggen.9999.18087.21501.elf
-
Size
28KB
-
Sample
240220-ny1c9sff7s
-
MD5
0d42e9d595c03681a56ec13b23593aeb
-
SHA1
85b4598ac8c777f66a9db5a27198ac131d70f827
-
SHA256
257f3719ef283b9ad4e42511246fd0faf814c5bfdf18c50daadd66a163df56ae
-
SHA512
bc82bba43a652af91a3fac2c196f9e09e8cf4221c6519847e8b1284099a84ed91ff79c8e6b08baed65ee2526c48f7f5660cc65adb24b9fb3ff3f38a4eedf50db
-
SSDEEP
384:oVx1SjAUJUhes7xBmM4DqFpKGn1y5edztCyrhxbOjkfLFMddfFUaD9EYdRWGVCzZ:GxOFUhJxp4DY7dztCkhFOQf5MdUS91WB
Malware Config
Extracted
mirai
SORA
Targets
-
-
Target
SecuriteInfo.com.Linux.Siggen.9999.18087.21501.elf
-
Size
28KB
-
MD5
0d42e9d595c03681a56ec13b23593aeb
-
SHA1
85b4598ac8c777f66a9db5a27198ac131d70f827
-
SHA256
257f3719ef283b9ad4e42511246fd0faf814c5bfdf18c50daadd66a163df56ae
-
SHA512
bc82bba43a652af91a3fac2c196f9e09e8cf4221c6519847e8b1284099a84ed91ff79c8e6b08baed65ee2526c48f7f5660cc65adb24b9fb3ff3f38a4eedf50db
-
SSDEEP
384:oVx1SjAUJUhes7xBmM4DqFpKGn1y5edztCyrhxbOjkfLFMddfFUaD9EYdRWGVCzZ:GxOFUhJxp4DY7dztCkhFOQf5MdUS91WB
-
Contacts a large (462334) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-