General
-
Target
jj.x86
-
Size
25KB
-
Sample
240417-edzfssed6w
-
MD5
f36effcde464d955a70b30db46ae037c
-
SHA1
72ba055e4ae9d4ea393e91ff875ce80f8ea320f9
-
SHA256
acd64831abe65ab67ec3140e664bceae1ad9ea47af8f8e7e91d738951d1fb074
-
SHA512
f17f1009af7635182371aa10a935e72fab5ab59810f1e7f38ad630a034e1b37ad74e57463bbaa1e55ee714f4db58090fbddf548750a78efb76e8fa3a02b63faf
-
SSDEEP
384:M+vESEONdjOL+jtbriI+orLz80JGFiVx1eLmgnNYwU5ceKFV1KbUdnByF73ow49y:ES7N1O4BAg8Wt1MpNYLKFHHByF30sTb3
Malware Config
Extracted
mirai
LZRD
www.sushiking.world
s.sushiking.world
Targets
-
Target
jj.x86
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-