General

  • Target

    virus.1

  • Size

    18KB

  • Sample

    230525-ltcejahf9y

  • MD5

    49b55b5189424fa00c16d438cfcab0e1

  • SHA1

    488e9f9035076250cea5e41119f41d63f25c474e

  • SHA256

    caf577935671be92ac6d345a23f49168787250316edbe6ddccebdfbcdec385eb

  • SHA512

    1e53a0a1a69faa2db102efba490020e9f3652b0f177ece69b0343522a1f082e5cd068ce16b3f8cd36e79745bdb20797420f73abefe8527d5be21a72a505a5ad0

  • SSDEEP

    384:MWeHKBGXaLKbt3PSgArJK2dRQQeCPKlFYjKN399R5lBHcUexKXnUbeQLq51e:MQGXiuK902dRECPJeN9jlBHcUeA3Pe

Score
10/10

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from the /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
