General

  • Target

    arm7

  • Size

    58KB

  • Sample

    240212-xb3pjscf52

  • MD5

    60b10da752b888d644e650933a3379f2

  • SHA1

    3ed6c0b972869da6273757f3f1c94d8d351d11dc

  • SHA256

    4e2c5513cf1c4a3c12c6e108d0120d57355b3411c30d59dfb0d263ad932b6868

  • SHA512

    002a6e7f6c4d909056cc51e227fcc8c776ccad9d1e600513a83ce4876cd035bb12f129ca3a1a48d21d76bd654058c19af55fe3d3a66186786779dc8bf4df8e4b

  • SSDEEP

    1536:vPsS3RDMckLByMgLGohIovgh5/CLNh4Mt/hr25eg2:vPsSBDMcnxzQh5qLNhH3K5S

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large number (73694) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
