General
-
Target
c5dad34705dc4d1776dd1361539222bf.bin
-
Size
23KB
-
Sample
241217-b6jz2axmhl
-
MD5
8471dad8f2c8b4815fe15aa1f225a97f
-
SHA1
42dad4e93766ca4c93e296288e8da8c2b8948c0c
-
SHA256
7781a2fe4881df1117f3ec8de529af5ad6a375fff8916aee9e5f65dd0d5cbeb6
-
SHA512
571740cca6edb0f39e83f9eac06f6f868b5316689806516dbf832ceaa3ee7cbd349321b58cc40f164b87ef3d018cabb851c8566f8956cfe498e6237f502db3f6
-
SSDEEP
384:a9wk6Zx+1pv/UQ4FcOaw9gxixV+5xbiFOFxLX1FSVQH0lAqSG3zB+gesCUuZShu6:uwk6Zx+X/UQ4l9gUikOjWQ0KHGDRCZ/K
Behavioral task
behavioral1
Sample
b7b4caac8d9975695170139441bec806cfbd3d20bb9fad56dc0afdf8cb00e5a1.elf
Resource
debian12-armhf-20240221-en
Malware Config
Extracted
mirai
BOTNET
Targets
-
-
Target
b7b4caac8d9975695170139441bec806cfbd3d20bb9fad56dc0afdf8cb00e5a1.elf
-
Size
45KB
-
MD5
c5dad34705dc4d1776dd1361539222bf
-
SHA1
8e4205c745533214d8176e7a607eddbacb914100
-
SHA256
b7b4caac8d9975695170139441bec806cfbd3d20bb9fad56dc0afdf8cb00e5a1
-
SHA512
e5e31e5643ea5803b8b13fcfef78a9c47196910a8416e0d74eb0e85798f9e67ce91f1440447b02e1d2fb412e06c6a0dcd9877d6608374757c2d2ea3cb05a72b4
-
SSDEEP
768:QZnNjwqwQm+Gnw/1Tzk96RFuEVP1OXoWQRs5DHzUIfumpDieIA+Si62yfot/Ox2/:QZn7wQmXnq1TIYFhVP1O4WQy5DHzJPHW
Score9/10-
Contacts a large (528040) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-