General
-
Target
2b388a77fc944aa9aef86966a4d208093fd1da3af93ad964cc27a65580ccc7a2
-
Size
48KB
-
Sample
240728-behynasame
-
MD5
0ed0111b3e7c8695cec5604549a71a90
-
SHA1
f9883ea18338e38a04eaa6391f06f171400062ba
-
SHA256
2b388a77fc944aa9aef86966a4d208093fd1da3af93ad964cc27a65580ccc7a2
-
SHA512
40248758a4e703d0b53b23b727947795af661b860975c6904bf326be6e1c9cc1c90a81475fe7baf6d55572eea6913dd72fc2a48e8c96f3c19cbd44c9374cdc95
-
SSDEEP
1536:ZIPpBAPvACnkl24a7LqQR+U0cfGqFks5gto:ZIxBAgTLa7GQ+XqOG
Malware Config
Extracted
mirai
BOTNET
cyberbotne.stresse.live
Targets
-
-
Target
ea34be57e26322312d30b6ec0c94fe036e9fb85aaf276e83f79ba0e6a5893c62.elf
-
Size
115KB
-
MD5
01138e39f90a5ec3392a0a72c58116b3
-
SHA1
8cb53b2a249ff6c25cf3870dc229a67edb7907e2
-
SHA256
ea34be57e26322312d30b6ec0c94fe036e9fb85aaf276e83f79ba0e6a5893c62
-
SHA512
8d8aaca7ad26145f55f5b87ac6e903fb381fa15f62fe5b03c6665456b8af47620a3b010155a8ae2936aa664cbdc9e63258e6549cbe4ab8def9f59e58bf667072
-
SSDEEP
3072:jOnMoRgStkUFSwNgN9VGUVGfBdG+ydW/:jOnyokUFM3VnE5EdW
-
Contacts a large (112854) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-