General
-
Target
926dc6a593417048b904eebdbfd89fed.elf
-
Size
113KB
-
Sample
240628-v4ahcsxeld
-
MD5
926dc6a593417048b904eebdbfd89fed
-
SHA1
03d9eaa92766471d52f035f598bba0bc2f151ee2
-
SHA256
019dba311a35ff6a1178fc13adb29c862cadb3241b0ecb87040596f784f597e3
-
SHA512
1f6e0db61c631a7f643c7abbbe8dc3680506524a52b41304b305bc0b23283c35fbf703bdbf879ae8081bd7c670624b62b19d0d9c185e81715a0a8adaf98814ab
-
SSDEEP
3072:cjvFH+/Thnjextd8Ce0mLjZBnvgrUNfTNM63MWWcF/UFb1lmWK4:cRH+/Thjo8Ce0mLjZBnvgrUAdFb1lmWB
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
926dc6a593417048b904eebdbfd89fed.elf
-
Size
113KB
-
MD5
926dc6a593417048b904eebdbfd89fed
-
SHA1
03d9eaa92766471d52f035f598bba0bc2f151ee2
-
SHA256
019dba311a35ff6a1178fc13adb29c862cadb3241b0ecb87040596f784f597e3
-
SHA512
1f6e0db61c631a7f643c7abbbe8dc3680506524a52b41304b305bc0b23283c35fbf703bdbf879ae8081bd7c670624b62b19d0d9c185e81715a0a8adaf98814ab
-
SSDEEP
3072:cjvFH+/Thnjextd8Ce0mLjZBnvgrUNfTNM63MWWcF/UFb1lmWK4:cRH+/Thjo8Ce0mLjZBnvgrUAdFb1lmWB
Score7/10-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-