mirai | 289f1230c586953343273a860ced1c3598aa67fe8d317a4bcef4ca6642b3bbe1 | Triage

Sharing

General

Target

50578ff2e8ed25b9fb0a4b2ca0d30d7f.bin
Size

55KB
Sample

231223-byqslsgch2
MD5

dd47dd0ded6ce99194fa70d0a7013840
SHA1

919738097bd770c9358b98e6a0913715037f4908
SHA256

289f1230c586953343273a860ced1c3598aa67fe8d317a4bcef4ca6642b3bbe1
SHA512

87aaadd46ae26c20acd939e6279b8b85ed9cce33a31776290bfc338ec7739167340f009561d0ef32758d9bca19b1f1f5e0606e921fe9d01b0c6bdf9f0c354605
SSDEEP

1536:iIcFP6iC/iv2cUTlioZ/cr34WGKGNpaLOPlF/ke0RWCWM:cFXCa+cI3Jcr34NrN7F/kTsU

Score

10^/10

mirai apep discovery

Malware Config

Extracted

Family

mirai

Botnet

APEP

Targets

- Target
  
  6023d3a78873210abd5c7cb3c4cb08d0004d29339ea8e6e602724602ba402247.elf
- Size
  
  123KB
- MD5
  
  50578ff2e8ed25b9fb0a4b2ca0d30d7f
- SHA1
  
  1496997051268e2f151816d46533a07150372372
- SHA256
  
  6023d3a78873210abd5c7cb3c4cb08d0004d29339ea8e6e602724602ba402247
- SHA512
  
  cdd3b77006a354cf6ce2ab9e510a890c6eecb4895b3fdc43785129148bf0fd97613a23303ac3300a42277edc4abce95d4a0aaa5b3bbb001223b846e91f7ee44c
- SSDEEP
  
  3072:mQcjorKiz1twQ/N1lCJCNx0bjRi7xKPXxM/9jB:mQcjorKiZWONPCJCNx0XROKPBM/9jB
Score

9^/10

discovery
- Contacts a large (229033) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1