mirai | 765665f9d417cdff6f99d7795bc7c9850ce8bf552c7b103dee32e24fcbe00145 | Triage

Submit
Reports

Overview

overview

Static

static

7

5ebe0fb8f6...7b3318

debian-9-mips

Sharing

Copy URL Twitter E-mail

General

Target

5ebe0fb8f6fc9f3c75ad6a83887b3318
Size

30KB
Sample

231222-egpe1abhep
MD5

5ebe0fb8f6fc9f3c75ad6a83887b3318
SHA1

4e56baee5a23f652a0bbefe27cb1c3f08b29dcf5
SHA256

765665f9d417cdff6f99d7795bc7c9850ce8bf552c7b103dee32e24fcbe00145
SHA512

0c72503d38d378ea191e6ec199684077848bc14451b4bfc42549f3928e9ef4df1b21e22552c2fe1a84296130432338bf3db5bf4957358aa2edbed1bddece1a0c
SSDEEP

768:i7Wpq877b1/4R7tIghTN07yOxJgGlzDpOFw81:RvbuBIgh50yODVUWy

Score

10^/10

mirai putin botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5ebe0fb8f6fc9f3c75ad6a83887b3318

Resource

debian9-mipsbe-20231215-en

mirai putin botnet

debian-9-mips

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

PUTIN

Targets

- Target
  
  5ebe0fb8f6fc9f3c75ad6a83887b3318
- Size
  
  30KB
- MD5
  
  5ebe0fb8f6fc9f3c75ad6a83887b3318
- SHA1
  
  4e56baee5a23f652a0bbefe27cb1c3f08b29dcf5
- SHA256
  
  765665f9d417cdff6f99d7795bc7c9850ce8bf552c7b103dee32e24fcbe00145
- SHA512
  
  0c72503d38d378ea191e6ec199684077848bc14451b4bfc42549f3928e9ef4df1b21e22552c2fe1a84296130432338bf3db5bf4957358aa2edbed1bddece1a0c
- SSDEEP
  
  768:i7Wpq877b1/4R7tIghTN07yOxJgGlzDpOFw81:RvbuBIgh50yODVUWy
Score

10^/10

mirai putin botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

miraiputinbotnet

© 2018-2025

Terms | Privacy