General
Target: 8261d1b6e765370a1ebcd4393b9f0cac_JaffaCakes118
Size: 33KB
Sample: 240802-a3h3wsvgpk
MD5: 8261d1b6e765370a1ebcd4393b9f0cac
SHA1: 5d0b7f44aa8f91a7db9f619f226fb201f025b75c
SHA256: 0b59cd1c5b4c7165907a831358d33fe02ffc3cbec069b9268e669af44dcc4434
SHA512: f788b6e391afb53ee345f6f9b520abdf6178559f848c5ad4d3cccba3d625920ed3e5c4f3ebc3d4abf33144177c04b5690dc7cf8a37df934eeaf125b220e36736
SSDEEP: 768:zuXQRH6lLCbVWLC51vC+X2ptEZjY0M2nKYWxernbcuyD7Uiyqj:yXwuLCbVW+PvDX2ptESSWxernouy8Zqj
Malware Config
Extracted
mirai
UNSTABLE
connect.bricktale.cc
Targets
- Contacts a large (220403) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder