Analysis Overview
SHA256
f471f1b5d41bc812c0419152aa4c0a71191ec2e3ae1a825ba07c49541f35b031
Threat Level: Known bad
The file 443d08be9f7e57f9e446aa5e357818f3 was found to be: Known bad.
Malicious Activity Summary
Detected x86corona Mirai Variant
Identified Kaiten Bot
Kaiten family
Mirai family
Mirai_x86corona family
Detect Mirai Payload
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2021-10-25 08:27
Signatures
Detect Mirai Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detected x86corona Mirai Variant
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Identified Kaiten Bot
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Kaiten family
Mirai family
Mirai_x86corona family
Analysis: behavioral2
Detonation Overview
Submitted
2021-10-25 08:27
Reported
2021-10-25 08:32
Platform
debian9-mipsel
Max time network
10s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | 2.debian.pool.ntp.org | udp |
| US | 1.1.1.1:53 | 2.debian.pool.ntp.org | udp |
| NL | 5.79.108.34:123 | 2.debian.pool.ntp.org | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2021-10-25 08:27
Reported
2021-10-25 08:43
Platform
debian9-mipsbe
Max time network
25s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | 2.debian.pool.ntp.org | udp |
| US | 1.1.1.1:53 | 2.debian.pool.ntp.org | udp |
| US | 1.1.1.1:53 | 3.debian.pool.ntp.org | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2021-10-25 08:27
Reported
2021-10-25 08:52
Platform
ubuntu-amd64
Max time kernel
6381s
Max time network
169s
Command Line
Signatures
Processes
./443d08be9f7e57f9e446aa5e357818f3
[./443d08be9f7e57f9e446aa5e357818f3]
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | changelogs.ubuntu.com | udp |
| US | 1.1.1.1:53 | changelogs.ubuntu.com | udp |
| US | 162.240.30.112:42516 | | tcp |
| CA | 142.44.163.110:6667 | | tcp |
| US | 91.189.91.157:123 | | udp |
| CA | 142.44.163.110:6667 | | tcp |
| US | 91.189.91.157:123 | | udp |
| CA | 142.44.163.110:6667 | | tcp |
| CA | 142.44.163.110:6667 | | tcp |
| US | 91.189.91.157:123 | | udp |
| CA | 142.44.163.110:6667 | | tcp |