mirai | 3aab99d31a9b0d00a302a0ed2671ec65ad791ecd86a7f80b7a5d6273afda55d4 | Triage

Submit
Reports

Overview

overview

Static

static

7

735e9753c1...0e.elf

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

Target

735e9753c19e47f94262a223f3d6d90e.elf
Size

39KB
Sample

230709-lzgw7sch81
MD5

735e9753c19e47f94262a223f3d6d90e
SHA1

e4788f75621967957a9ce71fb43cd41c0b79dfe4
SHA256

3aab99d31a9b0d00a302a0ed2671ec65ad791ecd86a7f80b7a5d6273afda55d4
SHA512

1da4a6d6b71a964480f7befbf9441255ec447460063c8e0354723d08491fa3a70cd3862a9277d68e3c804828d01cfce4e0d2f60bf8de569dd91d758366b82285
SSDEEP

768:n5kkIYwjozyWu6BM4JwjgrHPLy0HgqL4Wu3oN8LzmNBPZwpEb/CEWfT:n5kknwk9umHPLy0HgqEON8L+cpEbKhT

Score

10^/10

mirai botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

735e9753c19e47f94262a223f3d6d90e.elf

Resource

debian9-mipsel-20221125-en

mirai botnet discovery

debian-9-mipsel

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  735e9753c19e47f94262a223f3d6d90e.elf
- Size
  
  39KB
- MD5
  
  735e9753c19e47f94262a223f3d6d90e
- SHA1
  
  e4788f75621967957a9ce71fb43cd41c0b79dfe4
- SHA256
  
  3aab99d31a9b0d00a302a0ed2671ec65ad791ecd86a7f80b7a5d6273afda55d4
- SHA512
  
  1da4a6d6b71a964480f7befbf9441255ec447460063c8e0354723d08491fa3a70cd3862a9277d68e3c804828d01cfce4e0d2f60bf8de569dd91d758366b82285
- SSDEEP
  
  768:n5kkIYwjozyWu6BM4JwjgrHPLy0HgqL4Wu3oN8LzmNBPZwpEb/CEWfT:n5kknwk9umHPLy0HgqEON8L+cpEbKhT
Score

10^/10

mirai botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20332) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraibotnetdiscovery

© 2018-2025

Terms | Privacy