mirai | da995b21eec86f7e8d8b8d376ad138069987fb4f7efc4d67e26a73f486f22a30 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

8dab4c1f87...dcdaa1

debian-9-armhf

Sharing

General

Target

8dab4c1f87b0934db639b0ce28dcdaa1
Size

54KB
Sample

231220-hrg1fsgfcp
MD5

8dab4c1f87b0934db639b0ce28dcdaa1
SHA1

50c7201dc308a2fd0e4a93ce3ebd04ad5d3ae0a7
SHA256

da995b21eec86f7e8d8b8d376ad138069987fb4f7efc4d67e26a73f486f22a30
SHA512

d32009a6a4277da15db449fa8e1e020ca1757e8373e5fe34424e8a4356244525009bce208dbef451e5d3e9d5a41f030cccf9f607292c40be158c0b188bb2104b
SSDEEP

1536:8NvCoA4PBwI5gz8xTfN+LbqqCLlFmLRCyRoe7zA:8VCo3CQgwNQbdylQEVcs

Score

10^/10

mirai botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8dab4c1f87b0934db639b0ce28dcdaa1

Resource

debian9-armhf-20231215-en

mirai botnet discovery

debian-9-armhf

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  8dab4c1f87b0934db639b0ce28dcdaa1
- Size
  
  54KB
- MD5
  
  8dab4c1f87b0934db639b0ce28dcdaa1
- SHA1
  
  50c7201dc308a2fd0e4a93ce3ebd04ad5d3ae0a7
- SHA256
  
  da995b21eec86f7e8d8b8d376ad138069987fb4f7efc4d67e26a73f486f22a30
- SHA512
  
  d32009a6a4277da15db449fa8e1e020ca1757e8373e5fe34424e8a4356244525009bce208dbef451e5d3e9d5a41f030cccf9f607292c40be158c0b188bb2104b
- SSDEEP
  
  1536:8NvCoA4PBwI5gz8xTfN+LbqqCLlFmLRCyRoe7zA:8VCo3CQgwNQbdylQEVcs
Score

10^/10

mirai botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (167624) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Deletes log files
  Deletes log files on the system.
- Disables SELinux
  Disables SELinux security module.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

Credential Access

Discovery

Network Service Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraibotnetdiscovery

© 2018-2025

Terms | Privacy