mirai | 461430d3129ba68cd02fcebd48f00cc018bff0cd4c77ef0f042c002323f2272f | Triage

Sharing

General

Target

c02d302b60978cf513b44694316a66b3.elf
Size

98KB
Sample

230111-2pdd2aef26
MD5

c02d302b60978cf513b44694316a66b3
SHA1

a4bbbe0fdaf0aa1fb5104bf3e4930d2167fa81fc
SHA256

461430d3129ba68cd02fcebd48f00cc018bff0cd4c77ef0f042c002323f2272f
SHA512

b00eeae8bf88e788ec1278ec26e6ddc4de4882cc87c90cb4cdbc004387b4064233ccaf737db08db40069febe0bbb75dacc2a20437c51ae11b952fafa58520f46
SSDEEP

3072:TmO9jA6KhK3eOrT8bhboVisDD/mgoM3zQ:TRjA6KhK3eOrfisDD/mzqE

Score

10^/10

mirai discovery

Malware Config

Targets

- Target
  
  c02d302b60978cf513b44694316a66b3.elf
- Size
  
  98KB
- MD5
  
  c02d302b60978cf513b44694316a66b3
- SHA1
  
  a4bbbe0fdaf0aa1fb5104bf3e4930d2167fa81fc
- SHA256
  
  461430d3129ba68cd02fcebd48f00cc018bff0cd4c77ef0f042c002323f2272f
- SHA512
  
  b00eeae8bf88e788ec1278ec26e6ddc4de4882cc87c90cb4cdbc004387b4064233ccaf737db08db40069febe0bbb75dacc2a20437c51ae11b952fafa58520f46
- SSDEEP
  
  3072:TmO9jA6KhK3eOrT8bhboVisDD/mgoM3zQ:TRjA6KhK3eOrfisDD/mzqE
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1