General
-
Target
95ff28a79fde2699c4e958a402805046.elf
-
Size
29KB
-
Sample
240802-lcgmxstgmm
-
MD5
95ff28a79fde2699c4e958a402805046
-
SHA1
79ccdc94a94ad5b049429ce24d39b2de2687d40e
-
SHA256
17249c1c3b937ce94a977a060bb004cfd7bc48d7b86dc9a05be2fdd9f2c384c3
-
SHA512
322faef0ade53e48a17a5b106be2c8f27c5804b5fcf0c3c07eabfcf99d88cb2b7364d521ff0c91d674569a379ec91596b4563132deb045639ed5d9a2773fa28b
-
SSDEEP
768:mH4U61C/tREq04B3zEVZ7E/WCI5ujy0Hm5ESEPgD7nbcuyD7UHQRjX:m9wsEX4B3I37SPjLHm5Els7nouy8HyL
Malware Config
Extracted
mirai
MIRAI
Targets
-
Contacts a large number (20477) of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large number of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from the /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-