mirai | 0e9029207f1f762275fa9d5bf88a547004ebbe8b430bc0fda325f8f7a88920c7 | Triage

Submit
Reports

Overview

overview

Static

static

31dd438c32...44.elf

ubuntu-18.04-amd64

9

Sharing

Copy URL Twitter E-mail

General

Target

31dd438c323b07e86776ba7c69fb8444.elf
Size

37KB
Sample

240315-qsynlabf67
MD5

31dd438c323b07e86776ba7c69fb8444
SHA1

94bc81ca8b54fe8c26fcf5de553eac160352e3c8
SHA256

0e9029207f1f762275fa9d5bf88a547004ebbe8b430bc0fda325f8f7a88920c7
SHA512

e15d5697358691471213b83b976c2bd919a05060cfcabfe3f29a21b0df02eccbf941c149fb33ae9d3c70c733acec1d0a2210033cbdf7a205d22e753840be0cd2
SSDEEP

768:6ryDw+2jd+xIPTWri8wklJugN7V3NwXVAaceiV5og:7w+2j02PirrigN7jwXVxceivog

Score

10^/10

mirai botnet discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

31dd438c323b07e86776ba7c69fb8444.elf

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

zyzy.duckdns.org

Targets

- Target
  
  31dd438c323b07e86776ba7c69fb8444.elf
- Size
  
  37KB
- MD5
  
  31dd438c323b07e86776ba7c69fb8444
- SHA1
  
  94bc81ca8b54fe8c26fcf5de553eac160352e3c8
- SHA256
  
  0e9029207f1f762275fa9d5bf88a547004ebbe8b430bc0fda325f8f7a88920c7
- SHA512
  
  e15d5697358691471213b83b976c2bd919a05060cfcabfe3f29a21b0df02eccbf941c149fb33ae9d3c70c733acec1d0a2210033cbdf7a205d22e753840be0cd2
- SSDEEP
  
  768:6ryDw+2jd+xIPTWri8wklJugN7V3NwXVAaceiV5og:7w+2j02PirrigN7jwXVxceivog
Score

9^/10

discovery
- Contacts a large (76260) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy