mirai | 76ecb16ff20998815df19facd55329097f43cc24cf71c15f676f8632cade49fd | Triage

Sharing

General

Target

76ecb16ff20998815df19facd55329097f43cc24cf71c15f676f8632cade49fd.elf
Size

74KB
Sample

240212-ehqdpafc41
MD5

6bb45324f6cb6c46ddd3a6bf5d77b2eb
SHA1

8e9904bd1a42c22c6c2a0147361464a791b9ceb2
SHA256

76ecb16ff20998815df19facd55329097f43cc24cf71c15f676f8632cade49fd
SHA512

4721cb145863bd87696867aebc4b5dad7262bfa379a6098a70c1edcda975439f72fb4027370e5bab38a8b5a4f57a924ec29fd0b901ed74edb2ac66a4de6e7df6
SSDEEP

1536:JajEsbNVQPhThqScuot5QBLzWxMBtbdOQWNqtefBOv5mN:JajE3yDbQBLaxMH++T5M

Score

10^/10

mirai botnet discovery

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  76ecb16ff20998815df19facd55329097f43cc24cf71c15f676f8632cade49fd.elf
- Size
  
  74KB
- MD5
  
  6bb45324f6cb6c46ddd3a6bf5d77b2eb
- SHA1
  
  8e9904bd1a42c22c6c2a0147361464a791b9ceb2
- SHA256
  
  76ecb16ff20998815df19facd55329097f43cc24cf71c15f676f8632cade49fd
- SHA512
  
  4721cb145863bd87696867aebc4b5dad7262bfa379a6098a70c1edcda975439f72fb4027370e5bab38a8b5a4f57a924ec29fd0b901ed74edb2ac66a4de6e7df6
- SSDEEP
  
  1536:JajEsbNVQPhThqScuot5QBLzWxMBtbdOQWNqtefBOv5mN:JajE3yDbQBLaxMH++T5M
Score

9^/10

discovery
- Contacts a large (76244) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1