mirai | 160d753443dd1bec07ea9c1901dc964ab7bb16ba89a16d12c3655eaf5c290fab | Triage

Sharing

General

Target

x86_64.elf
Size

61KB
Sample

230303-j5ktyagb6y
MD5

7f439c82c3761ec4bd38bf03ed03a57d
SHA1

d4faac64453f0b5242c87a8e086aa2b2edf6ccd4
SHA256

160d753443dd1bec07ea9c1901dc964ab7bb16ba89a16d12c3655eaf5c290fab
SHA512

c933f2a566fff1c5e786db3df898a284a2cfdeede3a89470e247ea47884fff6a01020fae8306fe6dc6443097150d7c9f3588df7878d315db0d39dbc187992a4e
SSDEEP

1536:dpmbSQ6U3q7cCBT/lZsK/0DiQ+LiKimfFoktCe3fYRMM:WShU3q7cEDlCK/0DW9i8Fok06fYRf

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

botnet.zingspeed.me

Targets

- Target
  
  x86_64.elf
- Size
  
  61KB
- MD5
  
  7f439c82c3761ec4bd38bf03ed03a57d
- SHA1
  
  d4faac64453f0b5242c87a8e086aa2b2edf6ccd4
- SHA256
  
  160d753443dd1bec07ea9c1901dc964ab7bb16ba89a16d12c3655eaf5c290fab
- SHA512
  
  c933f2a566fff1c5e786db3df898a284a2cfdeede3a89470e247ea47884fff6a01020fae8306fe6dc6443097150d7c9f3588df7878d315db0d39dbc187992a4e
- SSDEEP
  
  1536:dpmbSQ6U3q7cCBT/lZsK/0DiQ+LiKimfFoktCe3fYRMM:WShU3q7cEDlCK/0DW9i8Fok06fYRf
Score

9^/10

discovery
- Contacts a large (37363) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1