General

  • Target

    2eadd183292071e32305b1edd687513a.elf

  • Size

    146KB

  • Sample

    240223-kh5q9sed49

  • MD5

    2eadd183292071e32305b1edd687513a

  • SHA1

    d79502fc4a26bf21dde17ca03ec7862b8640b03a

  • SHA256

    43e3c10f7615a1b220e72cafee74e4bb60bd4c25ac31a2355793ef57e29cb149

  • SHA512

    662a832e0f0a0643889e741d668bc5f07a332ed5982fa5d02e67ce8e6e50d76e5e86ca176cae657079ff3f8470b12a1f9b1416f664553420e1e6a035ab80e41d

  • SSDEEP

    3072:MwGVETBqa5sMFyr4JdPN/Y8ssRCuFmS6v:MwGcqalQr4JZN/YJjomSO

Score
10/10

Malware Config

Extracted

Family

mirai

C2

ssh.fengye.info

Targets

    • Target

      2eadd183292071e32305b1edd687513a.elf

    • Size

      146KB

    • MD5

      2eadd183292071e32305b1edd687513a

    • SHA1

      d79502fc4a26bf21dde17ca03ec7862b8640b03a

    • SHA256

      43e3c10f7615a1b220e72cafee74e4bb60bd4c25ac31a2355793ef57e29cb149

    • SHA512

      662a832e0f0a0643889e741d668bc5f07a332ed5982fa5d02e67ce8e6e50d76e5e86ca176cae657079ff3f8470b12a1f9b1416f664553420e1e6a035ab80e41d

    • SSDEEP

      3072:MwGVETBqa5sMFyr4JdPN/Y8ssRCuFmS6v:MwGcqalQr4JZN/YJjomSO

    Score
    9/10
    • Contacts a large (94664) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks