General
-
Target
3f2667834d3d0abbcd7f89674b89f405_JaffaCakes118
-
Size
64KB
-
Sample
240513-m3efxscc45
-
MD5
3f2667834d3d0abbcd7f89674b89f405
-
SHA1
af9d54c5c727d0e63c942b68458b3896254b06b7
-
SHA256
c2eacfb5b2333e6ba535c29210ee54991cdbf337acfb1b8b57dd4a0d3e2168b5
-
SHA512
e60c86d05d84bd6a2bb60b31d0782b2d7380d765a54c61027ab6f533e75845b588547696b764b8a907f6b74fb0989a46e2495ddc034b0de81a5da7581e62e5e3
-
SSDEEP
1536:IIG9170vwHbQXZ5+qXDEuXi9aBSW7V/DjObeFt6PuQ4Zr:I917iwHbQXZ5+qXA59eSWZ/XObeb6GZZ
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
3f2667834d3d0abbcd7f89674b89f405_JaffaCakes118
-
Size
64KB
-
MD5
3f2667834d3d0abbcd7f89674b89f405
-
SHA1
af9d54c5c727d0e63c942b68458b3896254b06b7
-
SHA256
c2eacfb5b2333e6ba535c29210ee54991cdbf337acfb1b8b57dd4a0d3e2168b5
-
SHA512
e60c86d05d84bd6a2bb60b31d0782b2d7380d765a54c61027ab6f533e75845b588547696b764b8a907f6b74fb0989a46e2495ddc034b0de81a5da7581e62e5e3
-
SSDEEP
1536:IIG9170vwHbQXZ5+qXDEuXi9aBSW7V/DjObeFt6PuQ4Zr:I917iwHbQXZ5+qXA59eSWZ/XObeb6GZZ
Score9/10-
Contacts a large (20618) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-