mirai | ead7aa2c3f4e671af4de708d13734695a0ebb78504178bff749231647d5c5dac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e7212fb45bf7e9219407a04cb746c69d.elf
Size

61KB
Sample

221228-h5hh5shg22
MD5

e7212fb45bf7e9219407a04cb746c69d
SHA1

54b59d50d3bf85ad95bcae2508d09e3c3c434ef9
SHA256

ead7aa2c3f4e671af4de708d13734695a0ebb78504178bff749231647d5c5dac
SHA512

0d07e96f5ea7443d88b9897dfd2695b46db04b77fcaff58fb9f4915d65c9ae1fc1b50aeda4519ca66144a1cc45f0d8348fc8399c2decfcd6cd9c2ebea2d5550d
SSDEEP

1536:dpmbSQ6U3q7cCBT/lZsK/0DiQlLiKimfFoktCe3fYRMt:WShU3q7cEDlCK/0Dt9i8Fok06fYRG

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

ddaa.xinghaoshangcheng.cn

Targets

- Target
  
  e7212fb45bf7e9219407a04cb746c69d.elf
- Size
  
  61KB
- MD5
  
  e7212fb45bf7e9219407a04cb746c69d
- SHA1
  
  54b59d50d3bf85ad95bcae2508d09e3c3c434ef9
- SHA256
  
  ead7aa2c3f4e671af4de708d13734695a0ebb78504178bff749231647d5c5dac
- SHA512
  
  0d07e96f5ea7443d88b9897dfd2695b46db04b77fcaff58fb9f4915d65c9ae1fc1b50aeda4519ca66144a1cc45f0d8348fc8399c2decfcd6cd9c2ebea2d5550d
- SSDEEP
  
  1536:dpmbSQ6U3q7cCBT/lZsK/0DiQlLiKimfFoktCe3fYRMt:WShU3q7cEDlCK/0Dt9i8Fok06fYRG
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1