Overview

overview

10

Static

static

10

botx.x86.elf

ubuntu-18.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    botx.x86.elf

  • Size

    50KB

  • Sample

    230401-2stkesdc37

  • MD5

    84d03095694331853044f5cbc877d504

  • SHA1

    986cb4e41a8c2c11c2bc40ffb943041a61471cb7

  • SHA256

    179aa3b429095b6bda79652f265b3ddbe057a086dbe271115ea8a8144b5aab26

  • SHA512

    d8101c03160a38adde6b53740ebb28447236bc619c2577ed515a1160ce027508d193d9329f72704d4cb7cd8cf3491e20548f2b4be614cca1c2c628e56f956f79

  • SSDEEP

    768:ytYRSjaQ9DaZ/oJRExakbMqu8iI/kvKy+hElGTm/4RsvKQLDJmgMjz:WYRSjaCu1wRPw/ly+hwGq/4G3LNmgMv

Score
10/10
miraicondidiscoverylinux

Malware Config

Extracted

Family

mirai

Botnet

CONDI

Targets

    • Target

      botx.x86.elf

    • Size

      50KB

    • MD5

      84d03095694331853044f5cbc877d504

    • SHA1

      986cb4e41a8c2c11c2bc40ffb943041a61471cb7

    • SHA256

      179aa3b429095b6bda79652f265b3ddbe057a086dbe271115ea8a8144b5aab26

    • SHA512

      d8101c03160a38adde6b53740ebb28447236bc619c2577ed515a1160ce027508d193d9329f72704d4cb7cd8cf3491e20548f2b4be614cca1c2c628e56f956f79

    • SSDEEP

      768:ytYRSjaQ9DaZ/oJRExakbMqu8iI/kvKy+hElGTm/4RsvKQLDJmgMjz:WYRSjaCu1wRPw/ly+hwGq/4G3LNmgMv

    Score
    9/10
    discovery

    • Contacts a large (55650) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

2
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks