mirai | f09955ad647b24da9f87de6f5fe02dcbb20bf00eb682baf5df5825b6026bf2aa | Triage

Sharing

General

Target

f09955ad647b24da9f87de6f5fe02dcbb20bf00eb682baf5df5825b6026bf2aa.elf
Size

153KB
Sample

240212-ff4c7sbe2v
MD5

9c6b435dfcafdcf365bc065cf080a97a
SHA1

77e48c10811a459fa011a6db202698b259279b5b
SHA256

f09955ad647b24da9f87de6f5fe02dcbb20bf00eb682baf5df5825b6026bf2aa
SHA512

5c237874e47af43c00f93559f8fed89148d38d488509ec0677136ce988807eac692a4d3f9ae4ed37175d954016a0c0c1b3d2aecdfe573342cbb4b46611a61bac
SSDEEP

3072:czvupszCkqCzUaqhlngCTf2h5gFr7IBcmCSwAM/9ybGE:czvBzUiUaqhlngCTOh5EpmCS3M/9ybGE

Score

10^/10

mirai botnet discovery

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  f09955ad647b24da9f87de6f5fe02dcbb20bf00eb682baf5df5825b6026bf2aa.elf
- Size
  
  153KB
- MD5
  
  9c6b435dfcafdcf365bc065cf080a97a
- SHA1
  
  77e48c10811a459fa011a6db202698b259279b5b
- SHA256
  
  f09955ad647b24da9f87de6f5fe02dcbb20bf00eb682baf5df5825b6026bf2aa
- SHA512
  
  5c237874e47af43c00f93559f8fed89148d38d488509ec0677136ce988807eac692a4d3f9ae4ed37175d954016a0c0c1b3d2aecdfe573342cbb4b46611a61bac
- SSDEEP
  
  3072:czvupszCkqCzUaqhlngCTf2h5gFr7IBcmCSwAM/9ybGE:czvBzUiUaqhlngCTOh5EpmCS3M/9ybGE
Score

9^/10

discovery
- Contacts a large (76241) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1