mirai | be05aef1c8c5b8524b2b2ff5baa34987ea53836abe5325b930c736ffef8301ce | Triage

Sharing

General

Target

ae15c38745c4c43a91b2645a10f5181a.bin
Size

29KB
Sample

230325-b7p8facf5v
MD5

323d221061f93e3854db7ee6f3cac11c
SHA1

d719aad14d6c33e725d3b5d1ecee832b42079940
SHA256

be05aef1c8c5b8524b2b2ff5baa34987ea53836abe5325b930c736ffef8301ce
SHA512

81c9cf6928166543e282bf28742f343c04828573af1bd6c98a911d8d6ac656a28c2ec8ca6b47b514c11c3e79d864cd8b54fcd2575289ec774024cfa498bf4aab
SSDEEP

768:vIpyMVCWCNbJEfauzU6Dcz89H+f8eC+L6e0iXf:vI1VH2bJMfzU6h9H+f5C+x0iXf

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

admin.duc3k.com

Targets

- Target
  
  df9ed0fe24e6dad3b5ecb6bfcaefa56c96dfc81efc82bad90c97298ac546b49c.elf
- Size
  
  53KB
- MD5
  
  ae15c38745c4c43a91b2645a10f5181a
- SHA1
  
  c4bd00c24ad46356c41955b5c2a76d74005b5aee
- SHA256
  
  df9ed0fe24e6dad3b5ecb6bfcaefa56c96dfc81efc82bad90c97298ac546b49c
- SHA512
  
  3e2fff8b0bb2e08ab8a919c06180202b50e663df09ef2a7e851eb4297fe3d8a530513f516e5d66b8ef8ab85a654fc5a23259c814eaf9cf2d868a9f9ac7592473
- SSDEEP
  
  1536:Ux+v09GM9u8FStuMhGtglHc1sMntrfuCsYYYYYYYYYYYYYYYR9YYYYYYzYYYRYmD:Y+v0ENt7higlHIfnJ3k
Score

9^/10

discovery
- Contacts a large (37358) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1