General
-
Target
00fbbff359d9702a7651250dafaa6d7bad8eb7a00a3eaf92ce2283cb3870061c.elf
-
Size
92KB
-
Sample
240821-kv5l2azcmd
-
MD5
3adca6115dc12cefcc9abc20f00c09e2
-
SHA1
0ba7cf529fe633c352b3b31ed6c5e89fe8fe5295
-
SHA256
00fbbff359d9702a7651250dafaa6d7bad8eb7a00a3eaf92ce2283cb3870061c
-
SHA512
a1de750c74dfd87ce831089ab9b48ef7a5b7a5e14ce3eb66c16653dd7e7b2733d04a7bb93a4dfcb58902aeff365526544c164b3d0d18b17987084c31b91722ac
-
SSDEEP
1536:hmnIiFC3Wmmj4hiXE+1QhfdBdtsUad+yNyL3BytvutS9lj45rLu3:snXFgWmmjXUqaBdtid+qyL3YtG0rP3
Malware Config
Targets
-
-
Target
00fbbff359d9702a7651250dafaa6d7bad8eb7a00a3eaf92ce2283cb3870061c.elf
-
Size
92KB
-
MD5
3adca6115dc12cefcc9abc20f00c09e2
-
SHA1
0ba7cf529fe633c352b3b31ed6c5e89fe8fe5295
-
SHA256
00fbbff359d9702a7651250dafaa6d7bad8eb7a00a3eaf92ce2283cb3870061c
-
SHA512
a1de750c74dfd87ce831089ab9b48ef7a5b7a5e14ce3eb66c16653dd7e7b2733d04a7bb93a4dfcb58902aeff365526544c164b3d0d18b17987084c31b91722ac
-
SSDEEP
1536:hmnIiFC3Wmmj4hiXE+1QhfdBdtsUad+yNyL3BytvutS9lj45rLu3:snXFgWmmjXUqaBdtid+qyL3YtG0rP3
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Contacts a large (17987) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-