mirai | 5637fdfacc949c5cea21cf6b91fe69a5216e06bfc8c6a1961b13813a18b46729 | Triage

Sharing

General

Target

57c35193c86e3109593cccd698d2f5f1.elf
Size

42KB
Sample

220919-ff9j8agga7
MD5

57c35193c86e3109593cccd698d2f5f1
SHA1

4ebdc9c9446d69d323eba4c409043522107acb92
SHA256

5637fdfacc949c5cea21cf6b91fe69a5216e06bfc8c6a1961b13813a18b46729
SHA512

16989635a4df5ebac6cae7226bd0376387bfbbb5a3a52f6360e5e9fb37395289454aeb1b4cef4f67ba43ebf2e9c25c2e4623a2ce379106adcbb7b59b4629f1aa
SSDEEP

768:wFEdkA17ga9JOE2VWnWKYrex3SZYjUhaezXxq9xNk1WUi:wOdkA17ga9Jp2MnQ23fjUh/Xc9xuoUi

Score

10^/10

mirai botnet discovery linux

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

cnc.notabotnet.lol

Targets

- Target
  
  57c35193c86e3109593cccd698d2f5f1.elf
- Size
  
  42KB
- MD5
  
  57c35193c86e3109593cccd698d2f5f1
- SHA1
  
  4ebdc9c9446d69d323eba4c409043522107acb92
- SHA256
  
  5637fdfacc949c5cea21cf6b91fe69a5216e06bfc8c6a1961b13813a18b46729
- SHA512
  
  16989635a4df5ebac6cae7226bd0376387bfbbb5a3a52f6360e5e9fb37395289454aeb1b4cef4f67ba43ebf2e9c25c2e4623a2ce379106adcbb7b59b4629f1aa
- SSDEEP
  
  768:wFEdkA17ga9JOE2VWnWKYrex3SZYjUhaezXxq9xNk1WUi:wOdkA17ga9Jp2MnQ23fjUh/Xc9xuoUi
Score

9^/10

discovery
- Contacts a large (100335) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1