mirai | 4ef21d58375ad709ab044c1118696c62d59d5d0eeae15b099393136d26ad3a14 | Triage

Sharing

General

Target

b91d077d44e2d47b308967a67dd1c404.elf
Size

54KB
Sample

230328-lyxw2aac83
MD5

b91d077d44e2d47b308967a67dd1c404
SHA1

e17b2eb709895ff7a3bd1df2537e1d1b34808756
SHA256

4ef21d58375ad709ab044c1118696c62d59d5d0eeae15b099393136d26ad3a14
SHA512

31fe461fc81c009b84c2123134c44c93996d3785ecc22e6c43945e802c6879eda7697a6591928916aeea45ec061fd6ec1f61af786c42db6c4530c4dce4283e20
SSDEEP

1536:JeESt/basV2rcZhG6ySN7na2lSR9zWOIaEjrqMts:JeESt/basVTgS7na2QRVtXESu

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

botnet.catpn.net

Targets

- Target
  
  b91d077d44e2d47b308967a67dd1c404.elf
- Size
  
  54KB
- MD5
  
  b91d077d44e2d47b308967a67dd1c404
- SHA1
  
  e17b2eb709895ff7a3bd1df2537e1d1b34808756
- SHA256
  
  4ef21d58375ad709ab044c1118696c62d59d5d0eeae15b099393136d26ad3a14
- SHA512
  
  31fe461fc81c009b84c2123134c44c93996d3785ecc22e6c43945e802c6879eda7697a6591928916aeea45ec061fd6ec1f61af786c42db6c4530c4dce4283e20
- SSDEEP
  
  1536:JeESt/basV2rcZhG6ySN7na2lSR9zWOIaEjrqMts:JeESt/basVTgS7na2QRVtXESu
Score

9^/10

discovery
- Contacts a large (37114) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1