General
Target: fdf78c3779ce1cdf9414ec20752146c6_JaffaCakes118
Size: 30KB
Sample: 240421-ad4y3adf43
MD5: fdf78c3779ce1cdf9414ec20752146c6
SHA1: a878ddb0e9a7240b5c5bb66d5dacd255839fb0c4
SHA256: e2ce976b4302436357ff9fe030248edf2a0ef3d18fdb58931aa3ead2be28f29c
SHA512: df9b129ba1f40b27d009fe1554ec269ca9f6a93a51ab0ab2660476b7a905288e83c88eecb198ab41e63ee2754344c743fa1e8341fee87659763dfd0c2f4e21c6
SSDEEP: 768:vyvYLznDEB2iC+sDwChyxNkvzY8HqltXwJgGlzDpbuR1J1:WYnnDEBI+sUyyx2VHrVJuz
Malware Config
Extracted
mirai
LZRD
Targets
Target: fdf78c3779ce1cdf9414ec20752146c6_JaffaCakes118

Contacts a large (20563) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Enumerates running processes
Discovers information about currently running processes on the system