General
-
Target
231cae3d3562087e0e12ca3244955ba0_JaffaCakes118
-
Size
28KB
-
Sample
240508-emj3gahf8w
-
MD5
231cae3d3562087e0e12ca3244955ba0
-
SHA1
25e28dddd0abb6172986a5ef2bfabd40744d1aa8
-
SHA256
eb227af5cbe83583affe32e0437342f68c8cb53c8b1cab92748dcb7b29246597
-
SHA512
d6669b590a709b722e8e75acda2f5f6f3639d480e694b25a138119b8453a23ef55f6d43c3a0ac5c9c65f8e74e14cc70d12b5c59e5b58599bd3411a4c1f3c961c
-
SSDEEP
768:eCG/rJv+tqC3Y+B4JmqGo3ZXelv3YmFAtM5intwFk:9Gtv+tzMJmqGuUvhFzoik
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
231cae3d3562087e0e12ca3244955ba0_JaffaCakes118
-
Contacts a large (20559) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-