General
Target: 17bfedd391fb25e778eac2e6137be128.bin
Size: 28KB
Sample: 241014-k6vafaxenm
MD5: 4beb4955ad908b06a6284f7f67dde4ae
SHA1: 770ebf03d32247405b7f700bdd42e849ff2b1ff2
SHA256: 71d7b2372b104fae2d9b28e641742346cc18610f60bfe9925b6295c6b064e931
SHA512: 3a51416d5ec80548674a16dbfe27eb523aed6e6677dd6063a9b7bff402271293bb7d274db2fdb4a482e9caf37db678a3f843573b88a4fe21db0dee4ff0d1a8dd
SSDEEP: 768:eT0hWJBzOh5i2Huq/ayamRaOo9Rx5qEY8pxRMf:eYkDYlRC5q0xRk
Behavioral task: behavioral1
Sample: b8083b92dc5d68701f4035d9135cb416a8862263dda570fa13d656ef8b3de6f8.elf
Resource: ubuntu2404-amd64-20240523-en
Malware Config
Extracted
mirai
BOTNET
securecameoutgay.ddns.net
Targets
Target: b8083b92dc5d68701f4035d9135cb416a8862263dda570fa13d656ef8b3de6f8.elf
Size: 28KB
MD5: 17bfedd391fb25e778eac2e6137be128
SHA1: fadc7ee66bb0b01a4891c8e6eb38675811058cb2
SHA256: b8083b92dc5d68701f4035d9135cb416a8862263dda570fa13d656ef8b3de6f8
SHA512: ce746d968dbe04330f60fba797890a251ca740518caae64d25917d0ac57d01d5652b607d8f37a37a4ad44010966d9e2133d4a881f2a0542c8e5f602c48f69bdc
SSDEEP: 768:WhAP7JIINnYOEzJgMoojL+5S9p3e/nBx5iCy5mlmYPV1sm:DNHNY30oushevBx5bAmlmYPVqm
Score: 10/10

Contacts a large (114622) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates running processes
Discovers information about currently running processes on the system