General

  • Target

    8cc2e584d23c9e42cb06adc721a7345e.elf

  • Size

    119KB

  • Sample

    220919-1zgzjaeghl

  • MD5

    8cc2e584d23c9e42cb06adc721a7345e

  • SHA1

    a92b91a4fb5d63bbf0fb91f9038d0b694d24d0cd

  • SHA256

    cd77563128c84277184b050b4304bbba7241a9983ced5a693bad5c5cf940b2e6

  • SHA512

    a43bd3d769cad71c5604ae6c4239bc3f1dbdf1fcc08b06412bfb02ddca39cc2ebb2d555f5992a8fac927ace10c15a867e2aafaddcadab79e76c2bd30bb9ba7a6

  • SSDEEP

    3072:MxUw3sWOxDyNA8DYoMDPMFlyK3zMM/9b6cxg:MxUJWOtaA8DYoqPXK3oM/9mcxg

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

cnc.notabotnet.lol

Targets

    • Target

      8cc2e584d23c9e42cb06adc721a7345e.elf

    • Size

      119KB

    • MD5

      8cc2e584d23c9e42cb06adc721a7345e

    • SHA1

      a92b91a4fb5d63bbf0fb91f9038d0b694d24d0cd

    • SHA256

      cd77563128c84277184b050b4304bbba7241a9983ced5a693bad5c5cf940b2e6

    • SHA512

      a43bd3d769cad71c5604ae6c4239bc3f1dbdf1fcc08b06412bfb02ddca39cc2ebb2d555f5992a8fac927ace10c15a867e2aafaddcadab79e76c2bd30bb9ba7a6

    • SSDEEP

      3072:MxUw3sWOxDyNA8DYoMDPMFlyK3zMM/9b6cxg:MxUJWOtaA8DYoqPXK3oM/9mcxg

    Score
    9/10
    • Contacts a large (140666) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.