mirai | 5a3a3eae493580349307d3cf5662f8a55c8745d482b3a49cad859f70829a538e | Triage

Sharing

General

Target

x86_64
Size

61KB
Sample

230326-ff4zqsfe75
MD5

88bce03e77c14646ff92f51acdd374f0
SHA1

012bab56982124f4133db66bf08686e774c17b99
SHA256

5a3a3eae493580349307d3cf5662f8a55c8745d482b3a49cad859f70829a538e
SHA512

45ea4496d795f01f07736e38707e71197c2900435dd933d98fd4619b28a11361cd8399f8b2cd44111a58c2bb4c84d3f0d8d19e7d18c6a3fd73e4e9078a7315a9
SSDEEP

1536:dpmbSQ6U3q7cCBT/lZsK/0DiQILiKimfFoktCe3fYRMV:WShU3q7cEDlCK/0DQ9i8Fok06fYR+

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

botnet.nguyennghi.info

Targets

- Target
  
  x86_64
- Size
  
  61KB
- MD5
  
  88bce03e77c14646ff92f51acdd374f0
- SHA1
  
  012bab56982124f4133db66bf08686e774c17b99
- SHA256
  
  5a3a3eae493580349307d3cf5662f8a55c8745d482b3a49cad859f70829a538e
- SHA512
  
  45ea4496d795f01f07736e38707e71197c2900435dd933d98fd4619b28a11361cd8399f8b2cd44111a58c2bb4c84d3f0d8d19e7d18c6a3fd73e4e9078a7315a9
- SSDEEP
  
  1536:dpmbSQ6U3q7cCBT/lZsK/0DiQILiKimfFoktCe3fYRMV:WShU3q7cEDlCK/0DQ9i8Fok06fYR+
Score

9^/10

discovery
- Contacts a large (10241) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1