General
-
Target
700-1-0x00400000-0x00456a28-memory.dmp
-
Size
89KB
-
Sample
240324-jvdb4sdg2x
-
MD5
347a181c427be6e37cbc716a060749a1
-
SHA1
b96fe24084fcaab0ac3c6e429baec91d7097b095
-
SHA256
66caa6c44a68d79842bdadaccfa66066f07dc56f405aa5b0a8880cf720be6006
-
SHA512
be110572c96cbd91ddead73b552de74533413c88dc825f1ee4dd0d0d69d862ad47dae6649af3794cbe2c4cc212ec1238cbea66bb8b1422e4d1f8ebe17c0d15a0
-
SSDEEP
1536:E+/IwNuowUj02Gc2fsw0fNQQPO2u32llQ167morkZRH:R/lNujzfHuw6+jH
Behavioral task
behavioral1
Sample
700-1-0x00400000-0x00456a28-memory.dmp
Resource
debian9-mipsel-20240226-en
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
700-1-0x00400000-0x00456a28-memory.dmp
-
Size
89KB
-
MD5
347a181c427be6e37cbc716a060749a1
-
SHA1
b96fe24084fcaab0ac3c6e429baec91d7097b095
-
SHA256
66caa6c44a68d79842bdadaccfa66066f07dc56f405aa5b0a8880cf720be6006
-
SHA512
be110572c96cbd91ddead73b552de74533413c88dc825f1ee4dd0d0d69d862ad47dae6649af3794cbe2c4cc212ec1238cbea66bb8b1422e4d1f8ebe17c0d15a0
-
SSDEEP
1536:E+/IwNuowUj02Gc2fsw0fNQQPO2u32llQ167morkZRH:R/lNujzfHuw6+jH
Score9/10-
Contacts a large (20734) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-