General

  • Target

    f367225d74f755b8cdd1b92f00b72e07.bin

  • Size

    34KB

  • Sample

    231011-s9ecdsgh31

  • MD5

    1d005917d54aa5a02289ab938c29bcce

  • SHA1

    0ac48f4063ce6b6eef1475a283a862d14a0f86d0

  • SHA256

    b346e55525cd26a8af6e819e57bf915b7388d8c1bf7de02c08721e656768bab7

  • SHA512

    bc728b40d4d71fde04c54620a0dbf66160e61b494de90199399cdc454a31f2ca3159b80dd2c9954495f9e8ad695056bddd07a6bec72c5c6f9ce54954c512aa94

  • SSDEEP

    768:2iepuNaPXwxQo8YjaIgsw0mxyxDafBMaAL32fKtE:zS/PXwSo8oFgHyVaf9tCi

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    BOTNET

  • C2

    silly.chinks-eat-dogs.africa

Targets

    • Target

      9a2399175aee94f641d7ff8249ebf2d154a7925e5a4c2523e367149f4a3fb844.elf

    • Size

      65KB

    • MD5

      f367225d74f755b8cdd1b92f00b72e07

    • SHA1

      717df671ffb22035ae02ffa49772fe9dcfc29c9c

    • SHA256

      9a2399175aee94f641d7ff8249ebf2d154a7925e5a4c2523e367149f4a3fb844

    • SHA512

      8245a2a3488e313e3d603e794b8f113743b2889af20427980c946f2256671fe90fda191850b7b89ba82e4956d882224f0e6eadb7bee688edb96fcb4b1de5f04f

    • SSDEEP

      1536:/NFp7KQXRgoXRSEUV0wR56Q0X6P29V0RrSRGekCzOWl1noseaxshg4CUchSsd:1Fp7KQXRgoXRSEUV0wD6NqP29V0RTiOs

    Score: 9/10

    • Contacts a large number (110807) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
