mirai | 7f5b495564b4d4cce05d405e07b4f2709ab060e9fa16ce9f1269988fe97cab41 | Triage

Sharing

General

Target

x86.elf
Size

61KB
Sample

230420-qsynlaca9y
MD5

1959372829f352dc37d7913f3d4e03fd
SHA1

6e25bd268adb30d0bae2428b6b4e2d1caa416f5d
SHA256

7f5b495564b4d4cce05d405e07b4f2709ab060e9fa16ce9f1269988fe97cab41
SHA512

de62ee2212046a7207aafce0722f37b87cb8debb37032e87d09ac2a3962e936200b53c19618b18c49eb6f09f9f461a8b107e87fb408f04fb1e3522d3be66994b
SSDEEP

1536:Z7qARubgzY/bEJyYRcpb80LDHhklv4JQC9DSW:NP+eY/bEJKpXBk9AP9l

Score

10^/10

mirai wicked discovery linux

Malware Config

Extracted

Family

mirai

Botnet

WICKED

Targets

- Target
  
  x86.elf
- Size
  
  61KB
- MD5
  
  1959372829f352dc37d7913f3d4e03fd
- SHA1
  
  6e25bd268adb30d0bae2428b6b4e2d1caa416f5d
- SHA256
  
  7f5b495564b4d4cce05d405e07b4f2709ab060e9fa16ce9f1269988fe97cab41
- SHA512
  
  de62ee2212046a7207aafce0722f37b87cb8debb37032e87d09ac2a3962e936200b53c19618b18c49eb6f09f9f461a8b107e87fb408f04fb1e3522d3be66994b
- SSDEEP
  
  1536:Z7qARubgzY/bEJyYRcpb80LDHhklv4JQC9DSW:NP+eY/bEJKpXBk9AP9l
Score

9^/10

discovery
- Contacts a large (87005) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1