General
-
Target
4d315e63c562b354627d6b169e197d5cf108f318b446dac59c8edff283314e9d.elf
-
Size
97KB
-
Sample
241222-cphlbazjhq
-
MD5
1a4375f6423f0c96f3d2377d1c157595
-
SHA1
fec7b3bd66d1d4a88b7a22511962007f7b99e34b
-
SHA256
4d315e63c562b354627d6b169e197d5cf108f318b446dac59c8edff283314e9d
-
SHA512
fca72e6629a9e1440df86bb7c46592f6f0294aafdfd4839f461862dcbafcc3cc534d71061f3e43d870655fb56d5417258074e0994e568c7b044a41fb87ba8be2
-
SSDEEP
3072:GKsAW3h8xjDI0taCqGwapyAuKltAJzL7azhHH:GKSRPsaCqGwapPu8AhLIHH
Behavioral task
behavioral1
Sample
4d315e63c562b354627d6b169e197d5cf108f318b446dac59c8edff283314e9d.elf
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
BOTNET
Targets
-
-
Target
4d315e63c562b354627d6b169e197d5cf108f318b446dac59c8edff283314e9d.elf
-
Size
97KB
-
MD5
1a4375f6423f0c96f3d2377d1c157595
-
SHA1
fec7b3bd66d1d4a88b7a22511962007f7b99e34b
-
SHA256
4d315e63c562b354627d6b169e197d5cf108f318b446dac59c8edff283314e9d
-
SHA512
fca72e6629a9e1440df86bb7c46592f6f0294aafdfd4839f461862dcbafcc3cc534d71061f3e43d870655fb56d5417258074e0994e568c7b044a41fb87ba8be2
-
SSDEEP
3072:GKsAW3h8xjDI0taCqGwapyAuKltAJzL7azhHH:GKSRPsaCqGwapPu8AhLIHH
Score9/10-
Contacts a large (289907) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-