General
-
Target
fa5a667858560106b3377dafff9e3433_JaffaCakes118
-
Size
31KB
-
Sample
240419-qata6adb46
-
MD5
fa5a667858560106b3377dafff9e3433
-
SHA1
9c2ec5ef1bf924db2014f63ab4f37c7010234ae0
-
SHA256
1493df6f703118c5cb5124b305e2e2dd97d4a96fd1db3bcb29066806d9ddae8d
-
SHA512
adfe83fe389b9441310bf243dd621fb108e451f0edf9c8086d0b6ac8175058daa1a21697d62a834b89a02c9545d26cdfcfcbf612e48ae80fdbddb53689f056c9
-
SSDEEP
384:X3fpCLrsjHIX69URc+hmnulY1qHprFKt6zhS45vDajssVwfNBLXTa39RWGVCz0Nf:nfpWcehzJFYKgULAssKf7Ta3LW2
Malware Config
Extracted
mirai
LZRD
Targets
-
Target
fa5a667858560106b3377dafff9e3433_JaffaCakes118
-
Contacts a large (20419) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-