mirai | 160972cafc00594decf607ee6f3f483bccf95b07e9c866c3dfd83cbadc1650a3 | Triage

Sharing

General

Target

c451e6052e11308da8ecea0b1f97eb33.bin
Size

35KB
Sample

240403-b759nace95
MD5

de1bce90f37cd97458c87d8ef952fb54
SHA1

b6736cb93590331840fb1253b9626932fcc271d3
SHA256

160972cafc00594decf607ee6f3f483bccf95b07e9c866c3dfd83cbadc1650a3
SHA512

3683ae62afeabd081fd25865ba7d05d2bc1c6fad4388a3460deea324d6a44e88025e8f98b5d064d1af243f73fc03ba2ae9ccbe10807bf8c0a11eb899115542ef
SSDEEP

768:ToJQwaFDCsLlkgWs2xpdtCNQrElrP2ituwygZS7EK:EJQwaDCWWs+pLCNQol8wLS/

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

client.orxy.space

Targets

- Target
  
  f1177ed5175645c04536f34ceb702a955e53f5aebbc0df99a71ee3f9e6f2db7a.elf
- Size
  
  61KB
- MD5
  
  c451e6052e11308da8ecea0b1f97eb33
- SHA1
  
  2f5da733b821d859fb8f20a9f7f3ee489971b5e7
- SHA256
  
  f1177ed5175645c04536f34ceb702a955e53f5aebbc0df99a71ee3f9e6f2db7a
- SHA512
  
  0f9b0871f3178202f2d9bffbc631ab781f5c388f3d2e394c687edc6c1ddcc45437f66e00a7631910cc2889a10546393cf056b6d74f676acc248dc865cffdb723
- SSDEEP
  
  1536:2JGQevkxS6h9+GUWvQ2uBSVCc/62vwmZtSwz:2Jzskk6uEnuQCGLvnz
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1