General
-
Target
ea94ddcee87355122583bb3605c693c7_JaffaCakes118
-
Size
28KB
-
Sample
240410-jk4rbagd39
-
MD5
ea94ddcee87355122583bb3605c693c7
-
SHA1
b392244ad70defab668cf64729d493c64a326497
-
SHA256
da843c429f677f1c8911e576e0ba33704fdfb41e7a2dde69d51929ca5244d38a
-
SHA512
29476265af5e5449192baf89769c6f117cf7a630b0df498fc980b05ab6317434a1dbe4a86aa46a65a6464adaef5b68ae01d6943ea00239c892fccdf99d3a85ec
-
SSDEEP
384:syr3engrGqzZLZCQJKM8+xwPFiV3QOLoYAgX8QzE7OPaNOMMsRWGVCz0Nvk+:s43NFLZCIvxwwZkVQGoqW2
Malware Config
Extracted
mirai
LZRD
Targets
-
Contacts a large (20017) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-