mirai | ffbf2661c3e52e2255f21d90a79b7ea5487d1bee5f62a9acb22bb2ce86dcdd3e | Triage

Submit
Reports

Overview

overview

Static

static

588-1-0x00...ry.dmp

ubuntu-18.04-amd64

9

Sharing

Copy URL Twitter E-mail

General

Target

588-1-0x0000000008048000-0x0000000008062e00-memory.dmp
Size

96KB
Sample

230703-f2njwaga8z
MD5

0aa1bd913457d5fdad0f77c6a7396dc5
SHA1

86670992a0aeeeb3f1c0541b6a618857cfce5809
SHA256

ffbf2661c3e52e2255f21d90a79b7ea5487d1bee5f62a9acb22bb2ce86dcdd3e
SHA512

7cda88557f5cbbe14d29a7d429a34097623484e12ca85064eadc3f2364b0a512607f1d5c587eba8101c3af88da758ccb449d0a6c0d32c781c9bce5ecfe6f3c4b
SSDEEP

3072:088NimXbdys1IqueknrV63kFh5DjOCQgRSWEN/3zG9wqx1r9H:08CiKbd/uqu/rVckFh5D9QAQvYpH

Score

10^/10

mirai yowai discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

588-1-0x0000000008048000-0x0000000008062e00-memory.dmp

Resource

ubuntu1804-amd64-20230621-en

ubuntu-18.04-amd64

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

YOWAI

Targets

- Target
  
  588-1-0x0000000008048000-0x0000000008062e00-memory.dmp
- Size
  
  96KB
- MD5
  
  0aa1bd913457d5fdad0f77c6a7396dc5
- SHA1
  
  86670992a0aeeeb3f1c0541b6a618857cfce5809
- SHA256
  
  ffbf2661c3e52e2255f21d90a79b7ea5487d1bee5f62a9acb22bb2ce86dcdd3e
- SHA512
  
  7cda88557f5cbbe14d29a7d429a34097623484e12ca85064eadc3f2364b0a512607f1d5c587eba8101c3af88da758ccb449d0a6c0d32c781c9bce5ecfe6f3c4b
- SSDEEP
  
  3072:088NimXbdys1IqueknrV63kFh5DjOCQgRSWEN/3zG9wqx1r9H:08CiKbd/uqu/rVckFh5D9QAQvYpH
Score

9^/10

discovery
- Contacts a large (20602) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy