mirai

Resubmissions

24-07-2023 08:36

230724-khjtsscc8x 4

24-07-2023 07:58

230724-jttmpsbf29 10

Sharing

Copy URL

Twitter E-mail

General

Target

https://github.com/Pyran1/MalwareDatabase/archive/refs/heads/master.zip
Sample

230724-jttmpsbf29

Score

10^/10

Malware Config

Extracted

Family

xorddos

http://aa.hostasa.org/config.rar

cdn.cloud2cdn.com:8080

Attributes

crc_polynomial
EDB88320

xor.plain

Targets

- Target
  
  https://github.com/Pyran1/MalwareDatabase/archive/refs/heads/master.zip
Score

10^/10

mirai ransomexx_lin xorddos botnet downloader ransomware upx
- Detected Linux variant of RansomEXX
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- RansomEXX Ransomware
  Targeted ransomware which initially affected Windows systems, but released a Linux variant in November 2020.
  ransomware ransomexx_lin
- XorDDoS
  Botnet and downloader malware targeting Linux-based operating systems and IoT devices.
  botnet downloader xorddos
- XorDDoS payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Detected Linux variant of RansomEXX

RansomEXX Ransomware

XorDDoS

XorDDoS payload

UPX packed file

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1