General

  • Target

    ae7e7ed26b305f1a064855598adb3cbb.elf

  • Size

    109KB

  • Sample

    220919-ff9j8achbp

  • MD5

    ae7e7ed26b305f1a064855598adb3cbb

  • SHA1

    3465dd1dc03d6614adb0dbce94b8c99bfa5ad3e9

  • SHA256

    586a8b333dd15ac7249d626400d12ada7b0838a3c5213268c5495af76e6e850d

  • SHA512

    aa0ec5b0d986f6d7fd3202cb00937756e0c44cf999bcfa7066d7d5a79fcaf707f5ae741e81239a34b6c7b6cfb0ae8ad71988a1e60a58d3c1dea8cd8d3c0cfde6

  • SSDEEP

    1536:8hQSdXAezAirIbsU62W7Aw4+TUJD4eOsQr4bDrvJvFcEl9:ZQXjzAirIbTqAw4gptE

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

cnc.notabotnet.lol

Targets

    • Target

      ae7e7ed26b305f1a064855598adb3cbb.elf

    Score
    9/10
    • Contacts a large (106274) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.
