General
-
Target
58d890cb0d3d48c2d121997fd813439308de0f8261a0400b0ae95a11a1f5ff3b.elf
-
Size
35KB
-
Sample
240419-bs9njacf59
-
MD5
d2500977ca5778dd105c2906229755cc
-
SHA1
5f9bac2b182f7818b3f6bd5aa4a37447dfd43f99
-
SHA256
58d890cb0d3d48c2d121997fd813439308de0f8261a0400b0ae95a11a1f5ff3b
-
SHA512
517135439951e555745353deb8d185bd396f9724079abfaa809e43fef28134c309dc3df052ccfcb7e8f5fcf357dd9d4622dd924d8f64f040753d12d1f1880b1b
-
SSDEEP
768:3vaocZyVFReRpnX2kCZhOe5svrBIOVJdDjwL2WMo:3iyVDe+xZhxsvd9Dd/kd
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
-
Target
58d890cb0d3d48c2d121997fd813439308de0f8261a0400b0ae95a11a1f5ff3b.elf
-
Size
35KB
-
MD5
d2500977ca5778dd105c2906229755cc
-
SHA1
5f9bac2b182f7818b3f6bd5aa4a37447dfd43f99
-
SHA256
58d890cb0d3d48c2d121997fd813439308de0f8261a0400b0ae95a11a1f5ff3b
-
SHA512
517135439951e555745353deb8d185bd396f9724079abfaa809e43fef28134c309dc3df052ccfcb7e8f5fcf357dd9d4622dd924d8f64f040753d12d1f1880b1b
-
SSDEEP
768:3vaocZyVFReRpnX2kCZhOe5svrBIOVJdDjwL2WMo:3iyVDe+xZhxsvd9Dd/kd
-
Contacts a large (178697) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-