General
-
Target
664-1-0x00008000-0x00021684-memory.dmp
-
Size
68KB
-
Sample
240305-jletksag47
-
MD5
35414c2288086d680fd0d86a0f74b15a
-
SHA1
1fb5891b775445461ceff199958ef83f37df657d
-
SHA256
babe826b3965dd62ce7718c114e8ce08b38fd333babbd0e597a7a713acc2ed76
-
SHA512
5aaa048938c620d27fb17c37a100faed01ca282286185e1007c9c8f9db07935eadee703ef66ab0714d076de69c4237752473842a25847709f676805c563ecd25
-
SSDEEP
768:ZDvLGLSR8vQGpjhDuG9ZLIZecJS1+kRL4qPZE0RVBVyNvd3jKOukHuLwCVy/Jx+u:xLG4ZGNhXlcJHvEXCZujBeZWCOL5g9
Behavioral task
behavioral1
Sample
664-1-0x00008000-0x00021684-memory.dmp
Resource
debian9-armhf-20240226-en
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
664-1-0x00008000-0x00021684-memory.dmp
-
Size
68KB
-
MD5
35414c2288086d680fd0d86a0f74b15a
-
SHA1
1fb5891b775445461ceff199958ef83f37df657d
-
SHA256
babe826b3965dd62ce7718c114e8ce08b38fd333babbd0e597a7a713acc2ed76
-
SHA512
5aaa048938c620d27fb17c37a100faed01ca282286185e1007c9c8f9db07935eadee703ef66ab0714d076de69c4237752473842a25847709f676805c563ecd25
-
SSDEEP
768:ZDvLGLSR8vQGpjhDuG9ZLIZecJS1+kRL4qPZE0RVBVyNvd3jKOukHuLwCVy/Jx+u:xLG4ZGNhXlcJHvEXCZujBeZWCOL5g9
Score9/10-
Contacts a large (20051) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-