mirai | 6246a4b3acf157d6bada5f42345ca4685a454e8567eb308405d8aa72338dac6b | Triage

Submit
Reports

Overview

overview

Static

static

7

56d2939e04...fc.elf

debian-9-mipsel

Sharing

General

Target

56d2939e0462a042dff1526d46ed2cfc.elf
Size

37KB
Sample

230608-sx2l6age29
MD5

56d2939e0462a042dff1526d46ed2cfc
SHA1

0ddd0469ea17b57f82406ccc7632deed8e14c8e3
SHA256

6246a4b3acf157d6bada5f42345ca4685a454e8567eb308405d8aa72338dac6b
SHA512

7615d0d5c285968554c8a112244afb947e35f2658f61004e4bf489829a1cb691cc8f0beecc170e35718091cc7767ba793e71f874f4323b25227ca7655ad3e10c
SSDEEP

768:kE1hhWjGqeJ3LksvkNtY8ziiYEmSmbBRg1I4cHT29bWMx:PqGp3YqkQ9g0bjg1I9E

Score

10^/10

mirai unstable botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

56d2939e0462a042dff1526d46ed2cfc.elf

Resource

debian9-mipsel-20221111-en

mirai unstable botnet discovery

debian-9-mipsel

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  56d2939e0462a042dff1526d46ed2cfc.elf
- Size
  
  37KB
- MD5
  
  56d2939e0462a042dff1526d46ed2cfc
- SHA1
  
  0ddd0469ea17b57f82406ccc7632deed8e14c8e3
- SHA256
  
  6246a4b3acf157d6bada5f42345ca4685a454e8567eb308405d8aa72338dac6b
- SHA512
  
  7615d0d5c285968554c8a112244afb947e35f2658f61004e4bf489829a1cb691cc8f0beecc170e35718091cc7767ba793e71f874f4323b25227ca7655ad3e10c
- SSDEEP
  
  768:kE1hhWjGqeJ3LksvkNtY8ziiYEmSmbBRg1I4cHT29bWMx:PqGp3YqkQ9g0bjg1I9E
Score

10^/10

mirai unstable botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (223547) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdiscovery

© 2018-2024

Terms | Privacy