General
-
Target
241cfe3b4768f3986ac511d292f88bbb.elf
-
Size
98KB
-
Sample
240726-s4rqjazgpa
-
MD5
241cfe3b4768f3986ac511d292f88bbb
-
SHA1
a674f8b5ed8f17e3f30916ce30d09c90a13ae9aa
-
SHA256
73ece8ffa7c0f7f625a070aa3e98d0eb450716927cec046803c8b818bfcbc9d6
-
SHA512
53f9ceccf6483ea5d95fde4933937ada277afcdf609e68e0000fe7e249c12e1aa0cfaccfb529d7617ac03eeb51e138031cea490ae7f2ff7e98a6ea8c67a98942
-
SSDEEP
3072:PNaEkEJoa9niU5yae9xfKqF6bBtUKKRsSY6r:PNa09iWyae9xfKq2BifdY6r
Malware Config
Extracted
mirai
BOTNET
cyberbotne.stresse.live
Targets
-
-
Target
241cfe3b4768f3986ac511d292f88bbb.elf
-
Contacts a large number (112595) of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large number of network flows
This may indicate a network scan to discover remotely running services.
-
Deletes system logs
Deletes a log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Deletes log files
Deletes log files on the system.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-