General
-
Target
0120a1ce75c1a1c3e7350604756a3aa5_JaffaCakes118
-
Size
64KB
-
Sample
240426-tbkxysfg9y
-
MD5
0120a1ce75c1a1c3e7350604756a3aa5
-
SHA1
7d983822e752580108b796be1b26cafe67133004
-
SHA256
206dd07c43b83afb9e50e26a04dd5ae8027c9e215eeafbfd92c74439b8d77607
-
SHA512
a7e4423f45b5e37f4becf75ff84e61cd78fd0ed3ad0d681124e404cfd626177acb8e2cd672a43733cb7c769c79ddf8193020f2a9cee573d38a70b811d7e8d55f
-
SSDEEP
1536:IoRC9170vwHbQXZ5+qXDEuXi90dSW7V/DjObeFt6PuQ4Zy:PC917iwHbQXZ5+qXA594SWZ/XObeb6G7
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
0120a1ce75c1a1c3e7350604756a3aa5_JaffaCakes118
-
Size
64KB
-
MD5
0120a1ce75c1a1c3e7350604756a3aa5
-
SHA1
7d983822e752580108b796be1b26cafe67133004
-
SHA256
206dd07c43b83afb9e50e26a04dd5ae8027c9e215eeafbfd92c74439b8d77607
-
SHA512
a7e4423f45b5e37f4becf75ff84e61cd78fd0ed3ad0d681124e404cfd626177acb8e2cd672a43733cb7c769c79ddf8193020f2a9cee573d38a70b811d7e8d55f
-
SSDEEP
1536:IoRC9170vwHbQXZ5+qXDEuXi90dSW7V/DjObeFt6PuQ4Zy:PC917iwHbQXZ5+qXA594SWZ/XObeb6G7
Score9/10-
Contacts a large (20573) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-