mirai | 3f87eb0835bbb7fd5913d551b476cbd72837c4176bcbc0038ba898589a0f7888 | Triage

Submit
Reports

Overview

overview

Static

static

7

nag.x86.elf

ubuntu-18.04-amd64

Sharing

General

Target

nag.x86.elf
Size

24KB
Sample

230429-18g1wsec6t
MD5

385c82b44c2faea9bc27922489453bbc
SHA1

007431c8f2918833639bb37be1c668cba46b3a9a
SHA256

3f87eb0835bbb7fd5913d551b476cbd72837c4176bcbc0038ba898589a0f7888
SHA512

1c322c8b88af7e4dd480869cf50452bc73fb5572088f0b68f9a1bff22263deee8b326e63c31107d85956964a286193323e55dd22c3c1b800876a85a276b522cf
SSDEEP

768:I8/etIPotzrv6xFiHhCRpMiaqDanbcuyD7UyQRjI:StIUryxFiBKOFuanouy8yys

Score

10^/10

mirai botnet discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

nag.x86.elf

Resource

ubuntu1804-amd64-en-20211208

mirai botnet discovery

ubuntu-18.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  nag.x86.elf
- Size
  
  24KB
- MD5
  
  385c82b44c2faea9bc27922489453bbc
- SHA1
  
  007431c8f2918833639bb37be1c668cba46b3a9a
- SHA256
  
  3f87eb0835bbb7fd5913d551b476cbd72837c4176bcbc0038ba898589a0f7888
- SHA512
  
  1c322c8b88af7e4dd480869cf50452bc73fb5572088f0b68f9a1bff22263deee8b326e63c31107d85956964a286193323e55dd22c3c1b800876a85a276b522cf
- SSDEEP
  
  768:I8/etIPotzrv6xFiHhCRpMiaqDanbcuyD7UyQRjI:StIUryxFiBKOFuanouy8yys
Score

10^/10

mirai botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (46394) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Changes its process name
- Deletes itself
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

miraibotnetdiscovery

© 2018-2024

Terms | Privacy