General
-
Target
adc70485dbae6ab79f9083ff5f96da2fece8b5922f0f5d0757d1c366285bfab6.elf
-
Size
49KB
-
Sample
250308-pttwcsxls8
-
MD5
ecd1b914d0248a8174d1f5ef567e2227
-
SHA1
c5ba0731a7b3236db4b8443b6be4f2f07d5ed6e5
-
SHA256
adc70485dbae6ab79f9083ff5f96da2fece8b5922f0f5d0757d1c366285bfab6
-
SHA512
9e25c305fa81ce9c4f715d6bc746fae810bc255d7e3d10017242864c4c04923644e86fce42b16c0638a06eb44aa8abec2681d944670dd22d69ac4d0cebbe979f
-
SSDEEP
1536:7uld7p12jkVJCWsAmSffC6tqacGSHfnHqs4ec:7uldP2jkV0BSfFiHfHq9/
Malware Config
Extracted
mirai
BOTNET
Targets
-
-
Target
adc70485dbae6ab79f9083ff5f96da2fece8b5922f0f5d0757d1c366285bfab6.elf
-
Size
49KB
-
MD5
ecd1b914d0248a8174d1f5ef567e2227
-
SHA1
c5ba0731a7b3236db4b8443b6be4f2f07d5ed6e5
-
SHA256
adc70485dbae6ab79f9083ff5f96da2fece8b5922f0f5d0757d1c366285bfab6
-
SHA512
9e25c305fa81ce9c4f715d6bc746fae810bc255d7e3d10017242864c4c04923644e86fce42b16c0638a06eb44aa8abec2681d944670dd22d69ac4d0cebbe979f
-
SSDEEP
1536:7uld7p12jkVJCWsAmSffC6tqacGSHfnHqs4ec:7uldP2jkV0BSfFiHfHq9/
Score9/10-
Contacts a large (178775) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Loads a kernel module
Loads a Linux kernel module, potentially to achieve persistence
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-