mirai | 94dfb506b7cdb1a387b65c72d76f263457f6cae79d71b4b4fe08b69e45a7a1ea | Triage

Submit
Reports

Overview

overview

Static

static

sora.arm7

linux_armhf

9

Sharing

General

Target

sora.arm7
Size

125KB
Sample

220521-vjhy1aace4
MD5

0894461ed1f97041c224c7c1796b46ed
SHA1

fad16925e72dd73ba55a302a2587af5fcd8bfeba
SHA256

94dfb506b7cdb1a387b65c72d76f263457f6cae79d71b4b4fe08b69e45a7a1ea
SHA512

8b3d1da710076d681dfaf13b7373e835ea9fe9f231ae817487135171426211ca7e18ed632b0c38271dfde022a9f229f4583a87163b7ca65c951e66546c6087d3

Score

10^/10

mirai discovery linux

Static task

static1

Behavioral task

behavioral1

Sample

sora.arm7

Resource

debian9-armhf-en-20211208

linux_armhf

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sora.arm7
- Size
  
  125KB
- MD5
  
  0894461ed1f97041c224c7c1796b46ed
- SHA1
  
  fad16925e72dd73ba55a302a2587af5fcd8bfeba
- SHA256
  
  94dfb506b7cdb1a387b65c72d76f263457f6cae79d71b4b4fe08b69e45a7a1ea
- SHA512
  
  8b3d1da710076d681dfaf13b7373e835ea9fe9f231ae817487135171426211ca7e18ed632b0c38271dfde022a9f229f4583a87163b7ca65c951e66546c6087d3
Score

9^/10

discovery
- Contacts a large (138936) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy