mirai | 76012ce2fb3d7f01d457dbcb79ef058fdfcd14aa6a4bbfdc6fe4fd65993696fe | Triage

Submit
Reports

Overview

overview

Static

static

7

8834c6964b...fb.elf

ubuntu-18.04-amd64

Sharing

General

Target

8834c6964b3c5faa191a1160357d0ffb.elf
Size

33KB
Sample

230501-q1s33sff55
MD5

8834c6964b3c5faa191a1160357d0ffb
SHA1

84bd781f329cfb8374294f8f09736ff468724627
SHA256

76012ce2fb3d7f01d457dbcb79ef058fdfcd14aa6a4bbfdc6fe4fd65993696fe
SHA512

420290ffa6ce919d9a5b36953735e3eccc617ea28886dc4932eb965ce75805b493361beec0aea4d2948147fc014571db84f40544a972900a1d7ff32a4347b1b1
SSDEEP

768:hardGcRVfZVuo3y02Pk6DezV95dn3iPlC8Pr0W4ffhmOXYx0YBr:ExfHuo3y02PHsdyPlCG4WOfYxBr

Score

10^/10

mirai rakitin botnet discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8834c6964b3c5faa191a1160357d0ffb.elf

Resource

ubuntu1804-amd64-en-20211208

mirai rakitin botnet discovery

ubuntu-18.04-amd64

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

RAKITIN

Targets

- Target
  
  8834c6964b3c5faa191a1160357d0ffb.elf
- Size
  
  33KB
- MD5
  
  8834c6964b3c5faa191a1160357d0ffb
- SHA1
  
  84bd781f329cfb8374294f8f09736ff468724627
- SHA256
  
  76012ce2fb3d7f01d457dbcb79ef058fdfcd14aa6a4bbfdc6fe4fd65993696fe
- SHA512
  
  420290ffa6ce919d9a5b36953735e3eccc617ea28886dc4932eb965ce75805b493361beec0aea4d2948147fc014571db84f40544a972900a1d7ff32a4347b1b1
- SSDEEP
  
  768:hardGcRVfZVuo3y02Pk6DezV95dn3iPlC8Pr0W4ffhmOXYx0YBr:ExfHuo3y02PHsdyPlCG4WOfYxBr
Score

10^/10

mirai rakitin botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (291791) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

mirairakitinbotnetdiscovery

© 2018-2024

Terms | Privacy