General
-
Target
db0fa4b8db0333367e9bda3ab68b8042.mips.elf
-
Size
35KB
-
Sample
241229-anw17swqck
-
MD5
42ee2e4502d9dc6d5296f96907dfd2d7
-
SHA1
a2a7ad1ccfe374dbc6709390f1c6d0250bceec6c
-
SHA256
8f3a43458b1db0e059023feb483fffd20460f3acba03b05786555be10d1cfcb0
-
SHA512
6ee578d25631be7c843724dd5b7b55794455c0d7dc39d38c9d5cb8ef8412464c5cc707d9fd2b259d8616b40d19e1f69ea4ab1fe02c97b56cba5195364200b887
-
SSDEEP
768:2SUl3dSMnbPoGbT55n7OZ7Hj2Y4GAU04FIbjNH9R+JgGlzDpUYse:2nhjbPoyTYDB4clmNiVqYF
Behavioral task
behavioral1
Sample
db0fa4b8db0333367e9bda3ab68b8042.mips.elf
Resource
debian9-mipsbe-20240611-en
Malware Config
Extracted
mirai
UNSTABLE
Targets
-
Target
db0fa4b8db0333367e9bda3ab68b8042.mips.elf
-
Score
10/10
-
Mirai family
-
Contacts a large (159037) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-