Overview

overview

10

Static

static

10

arm7-20220430-0850

linux_armhf

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    arm7-20220430-0850

  • Size

    132KB

  • Sample

    220430-kr54dsdadp

  • MD5

    02742a1be6f34744ba57320432c58c71

  • SHA1

    e67235c0591bcf9d2ab4386e4acc7171a0a9c35b

  • SHA256

    f27d11656a5661eceee193d1c64328cbd7920d495eb0735af71c859cef9f88e6

  • SHA512

    25a6d83a9352dd4a0563303dfdd8d4902798dfb89b34768b36c23f8c866fdb6f5ec3aad966eb5e4fd878407dea4060fab63568d013e567944e896538f18e2955

Score
10/10
miraidiscoverylinuxsuricata

Malware Config

Targets

    • Target

      arm7-20220430-0850

    • Size

      132KB

    • MD5

      02742a1be6f34744ba57320432c58c71

    • SHA1

      e67235c0591bcf9d2ab4386e4acc7171a0a9c35b

    • SHA256

      f27d11656a5661eceee193d1c64328cbd7920d495eb0735af71c859cef9f88e6

    • SHA512

      25a6d83a9352dd4a0563303dfdd8d4902798dfb89b34768b36c23f8c866fdb6f5ec3aad966eb5e4fd878407dea4060fab63568d013e567944e896538f18e2955

    Score
    10/10
    discoverysuricata

    • suricata: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1)

      suricata: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1)

      suricata

    • suricata: ET MALWARE ELF/MooBot Mirai DDoS Variant Server Response

      suricata: ET MALWARE ELF/MooBot Mirai DDoS Variant Server Response

      suricata

    • Contacts a large (149373) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

2
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks