mirai | c62c7aaa3ad4531cf64904ac9eac4e40b0946fd24bbe08513f3bba814796af85 | Triage

Sharing

General

Target

f3e77700778fc15dd844c4e6f2db2d3e.elf
Size

82KB
Sample

230317-ljsnrsfe37
MD5

f3e77700778fc15dd844c4e6f2db2d3e
SHA1

e8c036c604fe2a6d6f7e7db6c78b84273fe29a09
SHA256

c62c7aaa3ad4531cf64904ac9eac4e40b0946fd24bbe08513f3bba814796af85
SHA512

04e311894dd48a9da059abfbd5e80e64616cd04420f0a58bfede2a2d5be0f362aba09e5462b93d4549588dd536c00dc73cc20753c857c77fac0b75d55e25133c
SSDEEP

1536:iVLyu95KZJkj752dCexuV/8UZlDwfkJ4MYfWt:iVLyMgOFezxu5VD1eI

Score

10^/10

mirai discovery

Malware Config

Extracted

Family

mirai

C2

test.zxyes.xyz

Targets

- Target
  
  f3e77700778fc15dd844c4e6f2db2d3e.elf
- Size
  
  82KB
- MD5
  
  f3e77700778fc15dd844c4e6f2db2d3e
- SHA1
  
  e8c036c604fe2a6d6f7e7db6c78b84273fe29a09
- SHA256
  
  c62c7aaa3ad4531cf64904ac9eac4e40b0946fd24bbe08513f3bba814796af85
- SHA512
  
  04e311894dd48a9da059abfbd5e80e64616cd04420f0a58bfede2a2d5be0f362aba09e5462b93d4549588dd536c00dc73cc20753c857c77fac0b75d55e25133c
- SSDEEP
  
  1536:iVLyu95KZJkj752dCexuV/8UZlDwfkJ4MYfWt:iVLyMgOFezxu5VD1eI
Score

9^/10

discovery
- Contacts a large (30206) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1