mirai | f3265477bc3925e1732ffe7ba4e56a7848da7171018b8142a3336fbad1e2f5b7 | Triage

Submit
Reports

Overview

overview

Static

static

7

0529.elf

debian-9-mipsel

Sharing

General

Target

0529.elf
Size

23KB
Sample

230529-nqkb3sbe99
MD5

80c7b29d8da64f2237aad8b437580ad8
SHA1

a353f14b004d55f85b0a783ddbb95215f3cbb18d
SHA256

f3265477bc3925e1732ffe7ba4e56a7848da7171018b8142a3336fbad1e2f5b7
SHA512

f381dd10186b0d554f07284b4c2148dc2c9fb8ce49d1cbbba4f5abd49e03ac81a89ddcd4e663151c74ccfbfa619c6628e62c41600dbd5136f356a43963463073
SSDEEP

384:SJOK22Tuj6RG9FbjDpw94gm2bjnPboVPBkgUYRWGVCzhMhHuf:SJOK/TIvHXDpwWgmuUPBdU4WM6

Score

10^/10

mirai botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0529.elf

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  0529.elf
- Size
  
  23KB
- MD5
  
  80c7b29d8da64f2237aad8b437580ad8
- SHA1
  
  a353f14b004d55f85b0a783ddbb95215f3cbb18d
- SHA256
  
  f3265477bc3925e1732ffe7ba4e56a7848da7171018b8142a3336fbad1e2f5b7
- SHA512
  
  f381dd10186b0d554f07284b4c2148dc2c9fb8ce49d1cbbba4f5abd49e03ac81a89ddcd4e663151c74ccfbfa619c6628e62c41600dbd5136f356a43963463073
- SSDEEP
  
  384:SJOK22Tuj6RG9FbjDpw94gm2bjnPboVPBkgUYRWGVCzhMhHuf:SJOK/TIvHXDpwWgmuUPBdU4WM6
Score

10^/10

mirai botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy