mirai | 6c264bfd4594fa8fecef25dcc55dff4e4063fa3985428ac5492700defe50239c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

skyljne.arm5.elf
Size

145KB
Sample

240110-s77adsacfj
MD5

2a45852dbc079011d8679a0e71f34028
SHA1

78fca7aea09ccea2375817fd18a90208a7bfed91
SHA256

6c264bfd4594fa8fecef25dcc55dff4e4063fa3985428ac5492700defe50239c
SHA512

ddc0a5113c1bbcda39df15da8e51d497e6ab6e939a06f8c994b981d1065d5fa806b97699a104a85504aec3faffd65258d233c055a7706672e206967a57466111
SSDEEP

3072:S/aWJYvEZupYV1cx4lBz7QFu1/6yY6jEtIz:S/a7PpSGx4ll7QFhyPjEk

Score

10^/10

mirai discovery

Malware Config

Extracted

Family

mirai

C2

bngoc.skyljne.click

Targets

- Target
  
  skyljne.arm5.elf
- Size
  
  145KB
- MD5
  
  2a45852dbc079011d8679a0e71f34028
- SHA1
  
  78fca7aea09ccea2375817fd18a90208a7bfed91
- SHA256
  
  6c264bfd4594fa8fecef25dcc55dff4e4063fa3985428ac5492700defe50239c
- SHA512
  
  ddc0a5113c1bbcda39df15da8e51d497e6ab6e939a06f8c994b981d1065d5fa806b97699a104a85504aec3faffd65258d233c055a7706672e206967a57466111
- SSDEEP
  
  3072:S/aWJYvEZupYV1cx4lBz7QFu1/6yY6jEtIz:S/a7PpSGx4ll7QFhyPjEk
Score

9^/10

discovery
- Contacts a large (84761) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1