General

  • Target

    x86.elf

  • Size

    57KB

  • Sample

    230328-kv1m3sbg5w

  • MD5

    1dc464866d71c58a2a19d66a0a0450c9

  • SHA1

    c6aef84d1941981f5d54781973414fb0cc637e7f

  • SHA256

    c693531354b88880359aa488f7c498a6952d66e9ab3a6bc66dc7f3769e9d4d59

  • SHA512

    0c720f6957025dadbbd0c52979c318c942510061b258cedd7effda0f14d50932a42d7604ec06c671127630dc0dc7e4113adac1da2ead972a40b43c0d15c454e9

  • SSDEEP

    1536:ka4CVvtTO88JT/0fSGUzU+EYeZ56V/Ps06r6Mv:d4CxtTO88d/0KGUw+EvZw9k0Jk

Score
10/10

Malware Config

Extracted

Family

mirai

C2

seclor.hopto.org

Targets

    • Target

      x86.elf

    • Size

      57KB

    • MD5

      1dc464866d71c58a2a19d66a0a0450c9

    • SHA1

      c6aef84d1941981f5d54781973414fb0cc637e7f

    • SHA256

      c693531354b88880359aa488f7c498a6952d66e9ab3a6bc66dc7f3769e9d4d59

    • SHA512

      0c720f6957025dadbbd0c52979c318c942510061b258cedd7effda0f14d50932a42d7604ec06c671127630dc0dc7e4113adac1da2ead972a40b43c0d15c454e9

    • SSDEEP

      1536:ka4CVvtTO88JT/0fSGUzU+EYeZ56V/Ps06r6Mv:d4CxtTO88d/0KGUw+EvZw9k0Jk

    Score
    9/10
    • Contacts a large (37368) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Network Service Scanning

2
T1046

Tasks