mirai | e4502bcf8ea6f624c36fb7dea0ad530b940842fb76c049e7a3f65294da1a5ffe | Triage

Sharing

General

Target

be55e447fa7845fff2ea223a8076f134.elf
Size

55KB
Sample

230408-3dphlahf6t
MD5

be55e447fa7845fff2ea223a8076f134
SHA1

9204f20b7fadd5a8a62cacc39f1eda3ae7ddbf38
SHA256

e4502bcf8ea6f624c36fb7dea0ad530b940842fb76c049e7a3f65294da1a5ffe
SHA512

8bbc9f2251a9241fa001cd9bea5d8a7c30feac01331d2dfa88cc660ffe37ded8203a3c2bb64725ef2c9f8fc23cd96ada824d4abf6932c4de85135a05192cec2d
SSDEEP

1536:7tnWDX6mOUw6g+nlnQoRwzaxI4ifnkHd6+b+10mM3W:iXZOUwZOlFInkHd6+ecW

Score

10^/10

mirai condi

Malware Config

Extracted

Family

mirai

Botnet

CONDI

C2

cnc.condinet.cf

report.condinet.cf

Targets

- Target
  
  be55e447fa7845fff2ea223a8076f134.elf
- Size
  
  55KB
- MD5
  
  be55e447fa7845fff2ea223a8076f134
- SHA1
  
  9204f20b7fadd5a8a62cacc39f1eda3ae7ddbf38
- SHA256
  
  e4502bcf8ea6f624c36fb7dea0ad530b940842fb76c049e7a3f65294da1a5ffe
- SHA512
  
  8bbc9f2251a9241fa001cd9bea5d8a7c30feac01331d2dfa88cc660ffe37ded8203a3c2bb64725ef2c9f8fc23cd96ada824d4abf6932c4de85135a05192cec2d
- SSDEEP
  
  1536:7tnWDX6mOUw6g+nlnQoRwzaxI4ifnkHd6+b+10mM3W:iXZOUwZOlFInkHd6+ecW
Score

7^/10
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1