mirai | ef40bd57689c055bc937669d3f6a83041ef7ba61c4aa00b962bd44cb743e66ff | Triage

Sharing

General

Target

ef40bd57689c055bc937669d3f6a83041ef7ba61c4aa00b962bd44cb743e66ff.elf
Size

78KB
Sample

221229-dnd26sfc7t
MD5

998b2c120362ba1138073ac4868f5e44
SHA1

44e86968b1791a58ec4d619961b543136658d07b
SHA256

ef40bd57689c055bc937669d3f6a83041ef7ba61c4aa00b962bd44cb743e66ff
SHA512

60c77a7b75666a05253c468c59acaedc00a6985c90c1037bb7be8ff47dfc47d44b64c721deacb6ac027fc51f58073faa89be8366bef3efc9538c3c4116b2f908
SSDEEP

1536:JLhUBcm2+IT9QfM2UpNAfDRHl0vleA38KgySWD/SZGITmnbO/z2:1hYcv+IT9QfM2UjAvqkA38KgySWD/Y7W

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  ef40bd57689c055bc937669d3f6a83041ef7ba61c4aa00b962bd44cb743e66ff.elf
- Size
  
  78KB
- MD5
  
  998b2c120362ba1138073ac4868f5e44
- SHA1
  
  44e86968b1791a58ec4d619961b543136658d07b
- SHA256
  
  ef40bd57689c055bc937669d3f6a83041ef7ba61c4aa00b962bd44cb743e66ff
- SHA512
  
  60c77a7b75666a05253c468c59acaedc00a6985c90c1037bb7be8ff47dfc47d44b64c721deacb6ac027fc51f58073faa89be8366bef3efc9538c3c4116b2f908
- SSDEEP
  
  1536:JLhUBcm2+IT9QfM2UpNAfDRHl0vleA38KgySWD/SZGITmnbO/z2:1hYcv+IT9QfM2UjAvqkA38KgySWD/Y7W
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1