General
-
Target
5c12444a95273e80ee0727b3aac54fffa4b02a9961d91d4c4163269c0e8c82b3.elf
-
Size
112KB
-
Sample
240701-bhfmps1fph
-
MD5
356432d98bb42e9bc108ab5cfea5b253
-
SHA1
d572b2a06c61bb560e87704c65086ac0c330d2e1
-
SHA256
5c12444a95273e80ee0727b3aac54fffa4b02a9961d91d4c4163269c0e8c82b3
-
SHA512
b462135af4e4b6922373ce62eb7408cc6a2f1b8174717e98e6d70a34f66e97f3ef9866cd75ec35078c43cd68f4aa842354149ebc9cd1d6e160f41feb82b52fad
-
SSDEEP
3072:Rpn1nyJ4P39E0Nm2iCXk/S3e6oCqwomqBemEz:Tn1nIO9E0NYxS3hoLmqBemEz
Behavioral task
behavioral1
Sample
5c12444a95273e80ee0727b3aac54fffa4b02a9961d91d4c4163269c0e8c82b3.elf
Resource
debian9-mipsel-20240418-en
Malware Config
Extracted
mirai
CONDI
report.condinet.cf
Targets
Target
5c12444a95273e80ee0727b3aac54fffa4b02a9961d91d4c4163269c0e8c82b3.elf
-
Score
9/10
-
Contacts a large (53736) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-