mirai | a84de46a574ff256be2b974a1243536c34d183198973a89ae9faa6a7fb0de768 | Triage

Submit
Reports

Overview

overview

Static

static

7

SecuriteIn...86.elf

debian-9-mipsel

Sharing

General

Target

SecuriteInfo.com.Heur.20230531133228987075586.elf
Size

35KB
Sample

230531-rt5c7sga21
MD5

7a9087623c239af857f69cf79fe8b3a7
SHA1

72a74212fb7697bf350ee8923a7dfcab467e7dae
SHA256

a84de46a574ff256be2b974a1243536c34d183198973a89ae9faa6a7fb0de768
SHA512

ea564839fb452ddf0df9c0af31ac5c849252d5fabbc4389257ccfb59bd26b987df7a00e884e6a79ed5bc8085d1e880f430a7f3ca42996dfbc43fdd2e0950eb3c
SSDEEP

768:mE1T2TphOV0R3IE/XZ3nfjysjkry2/rjJ1xmXWMW:mMn097B3fF2TjJ1xm+

Score

10^/10

mirai unstable botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Heur.20230531133228987075586.elf

Resource

debian9-mipsel-20221125-en

mirai unstable botnet discovery

debian-9-mipsel

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  SecuriteInfo.com.Heur.20230531133228987075586.elf
- Size
  
  35KB
- MD5
  
  7a9087623c239af857f69cf79fe8b3a7
- SHA1
  
  72a74212fb7697bf350ee8923a7dfcab467e7dae
- SHA256
  
  a84de46a574ff256be2b974a1243536c34d183198973a89ae9faa6a7fb0de768
- SHA512
  
  ea564839fb452ddf0df9c0af31ac5c849252d5fabbc4389257ccfb59bd26b987df7a00e884e6a79ed5bc8085d1e880f430a7f3ca42996dfbc43fdd2e0950eb3c
- SSDEEP
  
  768:mE1T2TphOV0R3IE/XZ3nfjysjkry2/rjJ1xmXWMW:mMn097B3fF2TjJ1xm+
Score

10^/10

mirai unstable botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (160072) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdiscovery

© 2018-2024

Terms | Privacy