mirai | f1cd75bfb287dc4e84637509afd817de2a89e8b25a217d9c265277ae1948c70e | Triage

Submit
Reports

Overview

overview

Static

static

f1cd75bfb2...0e.elf

debian-12-mipsel

9

Sharing

General

Target

f1cd75bfb287dc4e84637509afd817de2a89e8b25a217d9c265277ae1948c70e.elf
Size

67KB
Sample

240319-djvt5agf5v
MD5

c2aec2e79b3e1dd79e1e77308d4b80cb
SHA1

2da5d4b9ffd7c147cc18e2169c3249132e1ad98f
SHA256

f1cd75bfb287dc4e84637509afd817de2a89e8b25a217d9c265277ae1948c70e
SHA512

017c84f6d1f38fd4f210ac11088f812a94d2c6213570dad19561a2c1c7b72cd9dfd6e10656b97e26a11a1e5bbb7f5eadbcd54fc71507468d91b3e91fb6aa7cbd
SSDEEP

1536:XN1FyOKY49VIg4dJ6no3ILvTc9+B6Zwnz4ag:X/FyOKY49VX4j6o+Eq

Score

10^/10

mirai botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f1cd75bfb287dc4e84637509afd817de2a89e8b25a217d9c265277ae1948c70e.elf

Resource

debian12-mipsel-20240221-en

debian-12-mipsel

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  f1cd75bfb287dc4e84637509afd817de2a89e8b25a217d9c265277ae1948c70e.elf
- Size
  
  67KB
- MD5
  
  c2aec2e79b3e1dd79e1e77308d4b80cb
- SHA1
  
  2da5d4b9ffd7c147cc18e2169c3249132e1ad98f
- SHA256
  
  f1cd75bfb287dc4e84637509afd817de2a89e8b25a217d9c265277ae1948c70e
- SHA512
  
  017c84f6d1f38fd4f210ac11088f812a94d2c6213570dad19561a2c1c7b72cd9dfd6e10656b97e26a11a1e5bbb7f5eadbcd54fc71507468d91b3e91fb6aa7cbd
- SSDEEP
  
  1536:XN1FyOKY49VIg4dJ6no3ILvTc9+B6Zwnz4ag:X/FyOKY49VX4j6o+Eq
Score

9^/10

discovery
- Contacts a large (108987) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy