mirai | 4b66508d8be9b02edea543489a07e3ac910b70d0421c20f3102b507bdf8b3def | Triage

Sharing

General

Target

070b332f2ba3f1248c43931c8e9b54c2.elf
Size

69KB
Sample

230426-jvd9eafh92
MD5

070b332f2ba3f1248c43931c8e9b54c2
SHA1

99fb3c09045859d404c203f6c480e3141fab7df8
SHA256

4b66508d8be9b02edea543489a07e3ac910b70d0421c20f3102b507bdf8b3def
SHA512

0671d3783d479fece4226751782699920972e88f3e9f327bcf54dbcc4b20cff0e42e8b0f7e235c51188ad222af1ab2e59e817e28cfa701d574e4b4b2cb46e6fe
SSDEEP

1536:pnUQJZdRlDAXO6QyQwOaOAKrxGxhP2J7RvsuIr5bh083:pnUQJ7RlUXTQpwOaOAaxGTPC+uWB3

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

230.btc-f23pool.top

Targets

- Target
  
  070b332f2ba3f1248c43931c8e9b54c2.elf
- Size
  
  69KB
- MD5
  
  070b332f2ba3f1248c43931c8e9b54c2
- SHA1
  
  99fb3c09045859d404c203f6c480e3141fab7df8
- SHA256
  
  4b66508d8be9b02edea543489a07e3ac910b70d0421c20f3102b507bdf8b3def
- SHA512
  
  0671d3783d479fece4226751782699920972e88f3e9f327bcf54dbcc4b20cff0e42e8b0f7e235c51188ad222af1ab2e59e817e28cfa701d574e4b4b2cb46e6fe
- SSDEEP
  
  1536:pnUQJZdRlDAXO6QyQwOaOAKrxGxhP2J7RvsuIr5bh083:pnUQJ7RlUXTQpwOaOAaxGTPC+uWB3
Score

9^/10

discovery
- Contacts a large (36599) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1