General
Target: 053bcbcd58b623f29be6d4ec2076e2e5.bin
Size: 22KB
Sample: 240703-bcr4jstblk
MD5: 43d13a8a003e7fa861e68e94ce9cc4e3
SHA1: 784beafb93b02a591339c2dc032cf444db411709
SHA256: 88f0eed73ebc9d8fe9b7bb60e586441dd89331ad14e67330f01019bb12ea1d28
SHA512: 4e941705c90bf22726c163953160878b8b7460be42a9a98635d91892a8b746e0a603fee0c8319f2da8aabe6ea7613de3a390b44c9d3a8a9f91131a59dc8df4eb
SSDEEP: 384:RFJDex+C3i0FyPBwvM+tAzHAbVTNY3CaRVbkrykj+zNbWn79MJ0Jm5PPBL4:7JDjZAKzHAbVTSSaRVblkoWn79MJ0JmA

Behavioral task
behavioral1
Sample: fa3cffe63263dfbdcc6723c37a7f67d9568adb080e257a791a6b167fa13dc19b.elf
Resource: ubuntu2204-amd64-20240522.1-en

Malware Config
Extracted: mirai
BOTNET: fortnite.cryptoinvest.black

Targets
Target: fa3cffe63263dfbdcc6723c37a7f67d9568adb080e257a791a6b167fa13dc19b.elf
Size: 41KB
MD5: 053bcbcd58b623f29be6d4ec2076e2e5
SHA1: 20acf769ed83961badfa08f6f258a30f2c48067e
SHA256: fa3cffe63263dfbdcc6723c37a7f67d9568adb080e257a791a6b167fa13dc19b
SHA512: 9aa611cb272c0c2677a806981c43d0c826ff5d1f93437a295f7cc4918b4b495d2f972419aca4239aa2e6beb89b378b78fb843cf64884afd565503f70a4c04126
SSDEEP: 768:b4U9FiNjEB5NXpx19OlqxHgSWpi23UnOq8oY/Bo8G9rKDC+:lojEB5Bpx19OsxH2iRu/ql2DC
Score: 9/10

Contacts a large (74726) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates running processes
Discovers information about currently running processes on the system.