mirai | 8a36b8f22db71a6db2a17837c09e0e33b43c9f8448ebc301f5c712772eeaa8ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86469c90d3f91ee29d0eec93e9d7bc98.elf
Size

145KB
Sample

221231-dhcbdsha87
MD5

86469c90d3f91ee29d0eec93e9d7bc98
SHA1

f5dfac6ccf5f8d83e37cbe970a0ad49621760dd6
SHA256

8a36b8f22db71a6db2a17837c09e0e33b43c9f8448ebc301f5c712772eeaa8ed
SHA512

b06893d2490b50caa7c6f931fe70ae4b03c4430d2c331d0ff5a239bd5485696abcae65d24567c892e0a469caa35b9959a84b64122bf999cccaf3fe1c95bdf0ee
SSDEEP

3072:Kwm2ESLFkhvaNHbz4NdWGJK1Ir1Fz8X64xCM/9n9dQ:Kwm2EvaNHbz4NMGJJHz8XTkM/9TQ

Score

10^/10

mirai discovery

Malware Config

Extracted

Family

mirai

C2

pipi.orxy.online

Targets

- Target
  
  86469c90d3f91ee29d0eec93e9d7bc98.elf
- Size
  
  145KB
- MD5
  
  86469c90d3f91ee29d0eec93e9d7bc98
- SHA1
  
  f5dfac6ccf5f8d83e37cbe970a0ad49621760dd6
- SHA256
  
  8a36b8f22db71a6db2a17837c09e0e33b43c9f8448ebc301f5c712772eeaa8ed
- SHA512
  
  b06893d2490b50caa7c6f931fe70ae4b03c4430d2c331d0ff5a239bd5485696abcae65d24567c892e0a469caa35b9959a84b64122bf999cccaf3fe1c95bdf0ee
- SSDEEP
  
  3072:Kwm2ESLFkhvaNHbz4NdWGJK1Ir1Fz8X64xCM/9n9dQ:Kwm2EvaNHbz4NMGJJHz8XTkM/9TQ
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1