mirai | d079becc00a546193eced8bbc6b8f086bc3680b13f77de12765f2b5825c12201 | Triage

Sharing

General

Target

18e37228c3c8cd735b22d67ba628bbbb.elf
Size

37KB
Sample

230328-ksrbmahh97
MD5

18e37228c3c8cd735b22d67ba628bbbb
SHA1

097d23139ae038ef52838d6ca14d2c16b4966a18
SHA256

d079becc00a546193eced8bbc6b8f086bc3680b13f77de12765f2b5825c12201
SHA512

7925a120131455942a9019516f9519b09c1e6b55ee45972a8fba0df7f95906d8d344c0764e7ad74ef9770c4c2163a4b84b3062cda5be127984d5afbe072f839a
SSDEEP

768:6ryDw+2jd+xIPTWri8wklJug2OV3NwBrAaceuBV5og:7w+2j02Pirrig2OjwBrxceuBvog

Score

10^/10

mirai botnet discovery linux

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  18e37228c3c8cd735b22d67ba628bbbb.elf
- Size
  
  37KB
- MD5
  
  18e37228c3c8cd735b22d67ba628bbbb
- SHA1
  
  097d23139ae038ef52838d6ca14d2c16b4966a18
- SHA256
  
  d079becc00a546193eced8bbc6b8f086bc3680b13f77de12765f2b5825c12201
- SHA512
  
  7925a120131455942a9019516f9519b09c1e6b55ee45972a8fba0df7f95906d8d344c0764e7ad74ef9770c4c2163a4b84b3062cda5be127984d5afbe072f839a
- SSDEEP
  
  768:6ryDw+2jd+xIPTWri8wklJug2OV3NwBrAaceuBV5og:7w+2j02Pirrig2OjwBrxceuBvog
Score

9^/10

discovery
- Contacts a large (73694) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1