General
-
Target
a497e05db4d6e36621d479693f23096e
-
Size
64KB
-
Sample
240225-zwkqksch4v
-
MD5
a497e05db4d6e36621d479693f23096e
-
SHA1
9cef23918d5dd2cca69917d112196f73a98076a5
-
SHA256
22c0764363bfcd1049743277613aaa80473a39498655f16dd2b0d9a40d24be4e
-
SHA512
2287f4eff42f1be76387df0fcd6b363486ed0ce465ac75fb3d89863405f803ccad3bbc0215f5c57582e4267f92ec92fc87439ea317594ff88ed0986039defbb5
-
SSDEEP
1536:IIG9170vwHbQXZ5+qXDEuXa9aBSW7V/DjObeFt6PuQ4Z2:I917iwHbQXZ5+qXAp9eSWZ/XObeb6GZZ
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
a497e05db4d6e36621d479693f23096e
-
Size
64KB
-
MD5
a497e05db4d6e36621d479693f23096e
-
SHA1
9cef23918d5dd2cca69917d112196f73a98076a5
-
SHA256
22c0764363bfcd1049743277613aaa80473a39498655f16dd2b0d9a40d24be4e
-
SHA512
2287f4eff42f1be76387df0fcd6b363486ed0ce465ac75fb3d89863405f803ccad3bbc0215f5c57582e4267f92ec92fc87439ea317594ff88ed0986039defbb5
-
SSDEEP
1536:IIG9170vwHbQXZ5+qXDEuXa9aBSW7V/DjObeFt6PuQ4Z2:I917iwHbQXZ5+qXAp9eSWZ/XObeb6GZZ
Score9/10-
Contacts a large (20554) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-