mirai | 1bfd3ac20208992bb9e3f1d300a111a828201d382d4c8dff3d1779710fa78e32 | Triage

Submit
Reports

Overview

overview

Static

static

7

c331d66944...71.elf

debian-9-armhf

Sharing

General

Target

c331d66944b5abd479b93d4b84c58271.elf
Size

40KB
Sample

230603-kqe6ksgc48
MD5

c331d66944b5abd479b93d4b84c58271
SHA1

2581c242bbfe75ae5002f5472c67acd15726f49e
SHA256

1bfd3ac20208992bb9e3f1d300a111a828201d382d4c8dff3d1779710fa78e32
SHA512

a2054a460c7de80dd03bfea966b696afeb0110bc0ae3fe51b6aa5819edb6100f48f5a2cb6ffbd3cd50354a717654a3d16e3863b3acd9b2fed101bdea64e1a4bd
SSDEEP

768:Nh010Cys8jd/+h3rRPVtxayiHpq3UIAA3GE25oCSoyYqhJ:NhS068deNPPxoHGBtCSwqhJ

Score

10^/10

mirai botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c331d66944b5abd479b93d4b84c58271.elf

Resource

debian9-armhf-20221111-en

debian-9-armhf

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

C2

193.35.18.42

Targets

- Target
  
  c331d66944b5abd479b93d4b84c58271.elf
- Size
  
  40KB
- MD5
  
  c331d66944b5abd479b93d4b84c58271
- SHA1
  
  2581c242bbfe75ae5002f5472c67acd15726f49e
- SHA256
  
  1bfd3ac20208992bb9e3f1d300a111a828201d382d4c8dff3d1779710fa78e32
- SHA512
  
  a2054a460c7de80dd03bfea966b696afeb0110bc0ae3fe51b6aa5819edb6100f48f5a2cb6ffbd3cd50354a717654a3d16e3863b3acd9b2fed101bdea64e1a4bd
- SSDEEP
  
  768:Nh010Cys8jd/+h3rRPVtxayiHpq3UIAA3GE25oCSoyYqhJ:NhS068deNPPxoHGBtCSwqhJ
Score

10^/10

mirai botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy