General
-
Target
3787a29f90ccc08e39a8e957be61d9aa.bin
-
Size
50KB
-
Sample
241223-bg639stkfn
-
MD5
7adf6279289206432303fdf7fd5851ad
-
SHA1
57e712337b9092bfd0fe83e7087827fccfc81534
-
SHA256
dc7ab7d74c0c6196d12a6816104ae7946a4d3c47dfa413b7b1d2c334c6983dab
-
SHA512
154dc291c3816e1e570535e027234a8553d7adb7f509be9471dad781dc1c34a9e4ed3455f6479b16bd5aacd2eb91f1d43605f9468836790d9d8c843e5ea07a6e
-
SSDEEP
1536:cE9fIbycf/B+rYUfVqSmCQ2FZc823WCf8Acf+YuGtHSB9:cE9gbznKYUd7ZcZ3WlAmXuzn
Behavioral task
behavioral1
Sample
60e8fe252180f6eed332b8722e756557d765ab99f9d89079138ff6953d2f23cb.elf
Resource
debian12-armhf-20240221-en
Malware Config
Extracted
mirai
BOTNET
Targets
-
-
Target
60e8fe252180f6eed332b8722e756557d765ab99f9d89079138ff6953d2f23cb.elf
-
Size
96KB
-
MD5
3787a29f90ccc08e39a8e957be61d9aa
-
SHA1
6c0c1e80795b8ea76ccf09452120eb801cd1ab55
-
SHA256
60e8fe252180f6eed332b8722e756557d765ab99f9d89079138ff6953d2f23cb
-
SHA512
8cbb3bfbbc26163eade960948d2bf9faa0522d3276651dc8e2d411c7cfe1aca7fda1ca612f2996544db7820cbc1c95fe0f6299fc876aa94c91056d40f1ef2aa7
-
SSDEEP
3072:C3VjdYsCmHubaQZ264gwrTye/7j8qvczh6H0:C3L7abaQZ264geTj7Yq66H0
Score9/10-
Contacts a large (249716) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-