mirai | b9f181190f3973141da5bab0d9e980dd5fe3783287a003c7b8ee5d1e26e65d4c | Triage

Sharing

General

Target

a504016b26988a54ab1664b6672990d2.elf
Size

92KB
Sample

240404-vejdzach9t
MD5

a504016b26988a54ab1664b6672990d2
SHA1

3b4dd6b30a835e1ca24f751123bd0be91cfa0662
SHA256

b9f181190f3973141da5bab0d9e980dd5fe3783287a003c7b8ee5d1e26e65d4c
SHA512

8d6eed3738049db7885af0919412e59772278a70f9fff313bdb7a2a9974f7d17e83a56fe46579b48b07e447c1a8a6d1a56b8193c7d8fa7455c1f1d4366c524a4
SSDEEP

1536:Rlhu6EQ54YzywrPbs4CcfdXtzTbg1Ar+cMXejJ0m7iiOQxaE:vw6D5JtT4ArnMOfiiOo7

Score

10^/10

mirai mirai

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  a504016b26988a54ab1664b6672990d2.elf
- Size
  
  92KB
- MD5
  
  a504016b26988a54ab1664b6672990d2
- SHA1
  
  3b4dd6b30a835e1ca24f751123bd0be91cfa0662
- SHA256
  
  b9f181190f3973141da5bab0d9e980dd5fe3783287a003c7b8ee5d1e26e65d4c
- SHA512
  
  8d6eed3738049db7885af0919412e59772278a70f9fff313bdb7a2a9974f7d17e83a56fe46579b48b07e447c1a8a6d1a56b8193c7d8fa7455c1f1d4366c524a4
- SSDEEP
  
  1536:Rlhu6EQ54YzywrPbs4CcfdXtzTbg1Ar+cMXejJ0m7iiOQxaE:vw6D5JtT4ArnMOfiiOo7
Score

7^/10
- Changes its process name
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1