# Similar malware

## Mirai variant

### Matching Features

- C2 port: **38241**
- Embedded C2: **sdfsd.xyz**
- table_init: XOR key is **0x3a**
- Output strings: **gosh that chinese family at the other table sure ate a lot**

| No. | Sample | Download | C2 | Exploits | Ports | Notes |
| - | -------- | -------- | -------- | - | - | - |
| 1 | [5adf25df621f5a2d55a5d277ff9eb4a160e8806e8484d7ea4aa447173acd6dd3](https://hackmd.io/JTXoZEkxRyC6yFMcthAkrw#:~:text=Mirai-,5adf25df621f5a2d55a5d277ff9eb4a160e8806e8484d7ea4aa447173acd6dd3,-e53c15bb667424a4e233d3e674d1ddd3cce753e6c0e44978b798dd3ebd4ce7e7) | `45.139.105.145` | `skid.uno:38241` | None | 23, 53, 38241, 60023 | scanner_init: 0xea, **table_init: 0x3a**, Embedded C2: `shetoldmeshewas12.uno, infectedchink.cat, dogeatingchink.uno, skid.uno,` **sdfsd.xyz**, Output strings: **gosh that chinese family at the other table sure ate a lot** |
| 2 | [2d54d7a786a01f7a4742e3cb2191b0aef94e7e9c4fbea3c479e1d8170dd9a3e7](https://hackmd.io/JTXoZEkxRyC6yFMcthAkrw?view#:~:text=2d54d7a786a01f7a4742e3cb2191b0aef94e7e9c4fbea3c479e1d8170dd9a3e7) | `45.95.55.157` | `hujunxa.cc:38241` | 37 (CVE-2017-17215, MVPowerDVRs, etc) | 53, 80, 81, 82, 88, 8083, 8088, 37215, 38241 | scanner_init: None, **table_init: 0x3a**, Embedded C2: `hujunxa.cc,` **sdfsd.xyz**, Output strings: **gosh that chinese family at the other table sure ate a lot** |
| 3 | c4ab14889779c1f253946f6275b0b094ecc8f19dbb322fdb69aa60351f0862fd | `45.66.230.47` | `shetoldmeshewas12.uno:38241, infectedchink.cat:38241, dogeatingchink.uno:38241, chinkona.buzz:38241, dogeating.monster:38241, sdfsd.xyz:38241` | None | 23, 53, 38241, 60023 | scanner_init: 0xea, **table_init: 0x3a**, Embedded C2: `shetoldmeshewas12.uno, infectedchink.cat, dogeatingchink.uno, chinkona.buzz, dogeating.monster`, **sdfsd.xyz**, Output strings: **gosh that chinese family at the other table sure ate a lot** |
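
As an added example (not part of the original note), the script below scores a binary blob against the four matching features listed above. It assumes the embedded strings are obfuscated with a single-byte XOR, as the table_init key suggests; the helper names and the sample blobs are constructed for illustration.

```python
# Added example (not from the original note): score a sample against the
# "Matching Features" above. Helper names and sample blobs are constructed.
XOR_KEY = 0x3A                    # table_init key given on the page
C2_PORT = 38241                   # C2 port given on the page
C2_DOMAIN = b"sdfsd.xyz"          # embedded C2 shared by all three samples
OUTPUT_STRING = b"gosh that chinese family at the other table sure ate a lot"


def xor(data: bytes, key: int) -> bytes:
    """Single-byte XOR over a byte string."""
    return bytes(b ^ key for b in data)


def recover_keys(blob: bytes, needle: bytes) -> list:
    """Single-byte keys under which `needle` occurs in `blob` (0 means plaintext)."""
    return [k for k in range(256) if xor(needle, k) in blob]


def port_of(endpoint: str) -> int:
    """Port of a 'host:port' entry as written in the C2 column."""
    return int(endpoint.rsplit(":", 1)[1])


def match_features(blob: bytes, c2_endpoints: list) -> dict:
    """One boolean per matching feature; all True means the sample fits the cluster."""
    domain_keys = recover_keys(blob, C2_DOMAIN)
    string_keys = recover_keys(blob, OUTPUT_STRING)
    return {
        "c2_port": any(port_of(e) == C2_PORT for e in c2_endpoints),
        "embedded_c2": bool(domain_keys),
        "table_key": XOR_KEY in domain_keys or XOR_KEY in string_keys,
        "output_string": bool(string_keys),
    }


def build_blob(key: int) -> bytes:
    """Constructed stand-in for a data section: both strings XORed with `key`."""
    pad = bytes(range(0x80, 0x90))
    return pad + xor(C2_DOMAIN + b"\0", key) + pad + xor(OUTPUT_STRING + b"\0", key) + pad


if __name__ == "__main__":
    print(match_features(build_blob(0x3A), ["skid.uno:38241"]))         # cluster member
    print(match_features(build_blob(0x22), ["c2.example.invalid:23"]))  # different key
```

A sample that carries the same strings under another key still reports `embedded_c2` and `output_string`, while `table_key` stays false, which separates "same strings" from "same table_init key" when clustering.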