mirai | 159e253d1044fcdc9a167e9370d772a173ffb00ad2ed530c9f115c2d07a1e256 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

159e253d1044fcdc9a167e9370d772a173ffb00ad2ed530c9f115c2d07a1e256.elf
Size

133KB
Sample

240229-f3znjafb87
MD5

ebe2c8a6db3ebcea5e06d411335df1d9
SHA1

d38a236f9e9fe23be675da9bf774853b8845eb9e
SHA256

159e253d1044fcdc9a167e9370d772a173ffb00ad2ed530c9f115c2d07a1e256
SHA512

4812e65d38b8d8067a73ee30836793e514b4275218c957d710bfb903003132755af125c591e55d90ff4665f60c0f61b57309da049da8aeae1cd5a438cd7224b4
SSDEEP

3072:nsaJBW3utlz1H8G9FDZOqMPzpctzkyYPL+E47M/9GNEYj:saJB2utlz1H8GTZOqMP1oYL+EAM/9FYj

Score

10^/10

mirai kurc

Malware Config

Extracted

Family

mirai

Botnet

KURC

Targets

- Target
  
  159e253d1044fcdc9a167e9370d772a173ffb00ad2ed530c9f115c2d07a1e256.elf
- Size
  
  133KB
- MD5
  
  ebe2c8a6db3ebcea5e06d411335df1d9
- SHA1
  
  d38a236f9e9fe23be675da9bf774853b8845eb9e
- SHA256
  
  159e253d1044fcdc9a167e9370d772a173ffb00ad2ed530c9f115c2d07a1e256
- SHA512
  
  4812e65d38b8d8067a73ee30836793e514b4275218c957d710bfb903003132755af125c591e55d90ff4665f60c0f61b57309da049da8aeae1cd5a438cd7224b4
- SSDEEP
  
  3072:nsaJBW3utlz1H8G9FDZOqMPzpctzkyYPL+E47M/9GNEYj:saJB2utlz1H8GTZOqMP1oYL+EAM/9FYj
Score

6^/10
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1