Overview

overview

10

Static

static

10

mirai.x86.elf

ubuntu-18.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mirai.x86.elf

  • Size

    54KB

  • Sample

    230326-l2rt7aaa9x

  • MD5

    b4e65440f343219e236149a93aac2d05

  • SHA1

    4472998db80b8395d21dd4a3d6482314e0407991

  • SHA256

    83c7b4ca92ccd4822c3e2879485427af6535005ac4846c97c5ffac488e7ebb95

  • SHA512

    b4607c6f0b117e0fc08b880995a4d469d5214e129eb02e8b4f34d401d758bc189509f6061047f91f3bca7137a1e2e3b3ef78c4a59cda08b1af0fde605464ab3c

  • SSDEEP

    1536:d6EwVWibZ6uzpNrmvFtWbF0AWCTZVZt+xc:QVWYZ6uzv4FKF0AWoZVZQq

Score
10/10
miraimiraidiscoverylinux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

sbxfx.ddns.net

Targets

    • Target

      mirai.x86.elf

    • Size

      54KB

    • MD5

      b4e65440f343219e236149a93aac2d05

    • SHA1

      4472998db80b8395d21dd4a3d6482314e0407991

    • SHA256

      83c7b4ca92ccd4822c3e2879485427af6535005ac4846c97c5ffac488e7ebb95

    • SHA512

      b4607c6f0b117e0fc08b880995a4d469d5214e129eb02e8b4f34d401d758bc189509f6061047f91f3bca7137a1e2e3b3ef78c4a59cda08b1af0fde605464ab3c

    • SSDEEP

      1536:d6EwVWibZ6uzpNrmvFtWbF0AWCTZVZt+xc:QVWYZ6uzv4FKF0AWoZVZQq

    Score
    9/10
    discovery

    • Contacts a large (23505) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

2
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks