mirai | ceb503189360c97b79ab8e6bd2d8ea452bdaa2f5b8a1caa7dca3e639d71c8697 | Triage

Sharing

General

Target

d23c943cdb07744ec8d7cc82028966dd.elf
Size

54KB
Sample

230216-cra91sfc93
MD5

d23c943cdb07744ec8d7cc82028966dd
SHA1

a229784c46247c40074d4ea92ead1f70a39c0b7a
SHA256

ceb503189360c97b79ab8e6bd2d8ea452bdaa2f5b8a1caa7dca3e639d71c8697
SHA512

41ba2af4b6bfaa54d28e018f27977d96df306dc7194b55510cbed0d78e00b1cd98a61f82887a87b9e627b0b41e52cd1151a16faaa57f40990598dfd0547c173a
SSDEEP

1536:JeESt/basV2rcZhG6ySN7naopW1ZzWOIaEjrqMUs:JeESt/basVTgS7naow1ptXESb

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

j.xnyidc.top

Targets

- Target
  
  d23c943cdb07744ec8d7cc82028966dd.elf
- Size
  
  54KB
- MD5
  
  d23c943cdb07744ec8d7cc82028966dd
- SHA1
  
  a229784c46247c40074d4ea92ead1f70a39c0b7a
- SHA256
  
  ceb503189360c97b79ab8e6bd2d8ea452bdaa2f5b8a1caa7dca3e639d71c8697
- SHA512
  
  41ba2af4b6bfaa54d28e018f27977d96df306dc7194b55510cbed0d78e00b1cd98a61f82887a87b9e627b0b41e52cd1151a16faaa57f40990598dfd0547c173a
- SSDEEP
  
  1536:JeESt/basV2rcZhG6ySN7naopW1ZzWOIaEjrqMUs:JeESt/basVTgS7naow1ptXESb
Score

9^/10

discovery
- Contacts a large (37627) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1