mirai | 4ab8429c75ae119098a20480350e3d8d4d59fb3d0a46bbb11ac9f28bf1f70411 | Triage

Submit
Reports

Overview

overview

Static

static

bok.x86

ubuntu-18.04-amd64

9

Sharing

General

Target

bok.x86
Size

65KB
Sample

230303-gaxtxagd22
MD5

445b6a195b6f4a020b46abb0238fb202
SHA1

ac3570d2e7f583d106ddc53015b6a6e851320f0f
SHA256

4ab8429c75ae119098a20480350e3d8d4d59fb3d0a46bbb11ac9f28bf1f70411
SHA512

0a43e0de4e36c946538fe21357865f901e88e85a693bb42f77c16fc05bc291785ec28dbe2ca8d8febe4003dd52b012009eb701e01e43a9853931ac999ab36ee9
SSDEEP

1536:WgafdCLPcm8TQ/h/+ggp/KtGYsPgw7JoifHY6:WgaViPcVT2YglUYmLP/Y

Score

10^/10

mirai discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bok.x86

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  bok.x86
- Size
  
  65KB
- MD5
  
  445b6a195b6f4a020b46abb0238fb202
- SHA1
  
  ac3570d2e7f583d106ddc53015b6a6e851320f0f
- SHA256
  
  4ab8429c75ae119098a20480350e3d8d4d59fb3d0a46bbb11ac9f28bf1f70411
- SHA512
  
  0a43e0de4e36c946538fe21357865f901e88e85a693bb42f77c16fc05bc291785ec28dbe2ca8d8febe4003dd52b012009eb701e01e43a9853931ac999ab36ee9
- SSDEEP
  
  1536:WgafdCLPcm8TQ/h/+ggp/KtGYsPgw7JoifHY6:WgaViPcVT2YglUYmLP/Y
Score

9^/10

discovery
- Contacts a large (46704) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy