General
-
Target
2a597a99ccc6078fe27f63d34d4535f2.bin
-
Size
34KB
-
Sample
240630-bwj72svfnj
-
MD5
2109ed00a6f0f4eac5fa6cf3dfeb8be0
-
SHA1
8597ae6e3b23470b7190c25ac62c055a49290f08
-
SHA256
7c67a6d9b4ccfd5f8c47a248db1a731eaddff28642c8f6e48db4ee804e3d2a7c
-
SHA512
1b2fc1e8d8c38d72b7428c1d50d92d1cdc898ef1dace12aaf2156f852a52af7eead3048684aafdf586496dffff8280c03f2dd0f24c703fbf856ba17df2d35764
-
SSDEEP
768:n+4RCOQZ7Jm3vxGXeaW4aNSJe1qXa6nmqCbeuglvV:YOQBJmUOaBCSjXa6nS6uuV
Behavioral task
behavioral1
Sample
d72e0090674786faa67a43c46fd535bfbb08a0ade84ccc542ec96478d7845403.elf
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
d72e0090674786faa67a43c46fd535bfbb08a0ade84ccc542ec96478d7845403.elf
-
Size
64KB
-
MD5
2a597a99ccc6078fe27f63d34d4535f2
-
SHA1
666934dc3f33bee267b2c1ed28792c063c76b28c
-
SHA256
d72e0090674786faa67a43c46fd535bfbb08a0ade84ccc542ec96478d7845403
-
SHA512
17d4f786f7ffe5005735995775722d169a497f68d529f23ccf64a8515b53806cb3f479dd2e8d0938b3a58430885863b8186f53f20976d94b116e985dc803abd6
-
SSDEEP
1536:f3nA8EZjpQOO60NjqSMT11xKbSZYuE53qBGYI6ZEOit/zIi:YB5tX0bSZbEF+87
Score7/10-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-