Analysis Overview
SHA256
50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd
Threat Level: Known bad
The file 50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd was found to be: Known bad.
Malicious Activity Summary
Detect Mirai payload
Detected Gafgyt variant
Detected x86corona Mirai variant
Gafgyt family
Mirai family
Mirai_x86corona family
Writes file to tmp directory
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-07-18 20:54
Signatures
Detect Mirai payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detected Gafgyt variant
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detected x86corona Mirai variant
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Gafgyt family
Mirai family
Mirai_x86corona family
Analysis: behavioral1
Detonation Overview
Submitted
2022-07-18 20:54
Reported
2022-07-18 21:20
Platform
ubuntu1804-amd64-en-20211208
Max time kernel
0s
Max time network
141s
Command Line
Signatures
Writes file to tmp directory
| Description | Indicator | Process | Target |
| /tmp/50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd | /tmp/50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd | /tmp/50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd | N/A |
Processes
/tmp/50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd
[/tmp/50b82ac4c85206858059255e14b808a88aec7188c8e53cbe3bc4288d6d6f78cd]
Network
| Country | Destination | Domain | Proto |
| NL | 46.166.151.88:453 | tcp | |
| NL | 46.166.151.88:453 | tcp | |
| NL | 46.166.151.88:453 | tcp | |
| NL | 46.166.151.88:453 | tcp | |
| NL | 46.166.151.88:453 | tcp |