Extracted

• • Target

    6866c288811523f98482f2b249b061173d979c776d9281570a8c22cbd2d3af97.elf

  • Size

    30KB

  • MD5

    2f4679572348b5d73bc9907d0b1ea507

  • SHA1

    bee714fe121b85766597703bcc245ddca2bdb578

  • SHA256

    6866c288811523f98482f2b249b061173d979c776d9281570a8c22cbd2d3af97

  • SHA512

    acfcc7cbe22e72fb4e1440f7ede5944fd2519ca52014882b14f540ef89522044889acf9c06250c9bde48b4b1c683399bc321139e850a66735f523a4eb367895e

  • SSDEEP

    768:573AXTRTEfjNY9MMVAf5FD+W9Dce0OupBWMo:13QT6fjNSW55ld0A

  Score

  10^/10

  miraiunstablebotnetdiscovery

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai

  • Contacts a large (46047) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Changes its process name

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder

  behavioral1