General
-
Target
afd2cbcc7b92686d5469db3180dea454b0036a6e3f303023bfd6c78623d268a6.elf
-
Size
31KB
-
Sample
240803-cegahatglg
-
MD5
ea7b4ebc73d8fa3db98bd71cd1b29c85
-
SHA1
2eed66b7b16d34beff238e633c129e8d0027a807
-
SHA256
afd2cbcc7b92686d5469db3180dea454b0036a6e3f303023bfd6c78623d268a6
-
SHA512
1a50be00747757b74c0ae5171c0761f1394b51ef0194a5d63918f08b648646df2314fd63f40f437441ad01ea0720e17e8df810ee0b8d1a185219a0febb1912b5
-
SSDEEP
768:UmieP10RD2EnAJ2kgKNnyALwALPsq2sRmXkgW4:7pPgVnaD2ALkbHb
Malware Config
Extracted
mirai
MIRAI
Targets
-
Contacts a large (20686) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-