mirai | 1084de2c6b276091fb6bb724ebd0db0def1f47c4f85eb0704a494b6149961bed | Triage

Sharing

General

Target

1084de2c6b276091fb6bb724ebd0db0def1f47c4f85eb0704a494b6149961bed.elf
Size

62KB
Sample

240409-bewjracg91
MD5

35ef78b937ca3f4657077a2da1e74a9f
SHA1

ef11361c058991421f48764a94c2916985c89b1b
SHA256

1084de2c6b276091fb6bb724ebd0db0def1f47c4f85eb0704a494b6149961bed
SHA512

461b492cdc9b9741cccc9080fcbdb018380288aea168cea2e97fc43090f3ff286e03177ac4ae842f9465c0527ef7f301f68f65f51b9033d7e318a8f7e80f40b3
SSDEEP

768:Xq0PX0mnimIrBjKeHne+qeDNBkxlZszfXiowAu4I8qw:XqSX0mmu+nXq6NBkbZszBJt

Score

10^/10

mirai

Malware Config

Targets

- Target
  
  1084de2c6b276091fb6bb724ebd0db0def1f47c4f85eb0704a494b6149961bed.elf
- Size
  
  62KB
- MD5
  
  35ef78b937ca3f4657077a2da1e74a9f
- SHA1
  
  ef11361c058991421f48764a94c2916985c89b1b
- SHA256
  
  1084de2c6b276091fb6bb724ebd0db0def1f47c4f85eb0704a494b6149961bed
- SHA512
  
  461b492cdc9b9741cccc9080fcbdb018380288aea168cea2e97fc43090f3ff286e03177ac4ae842f9465c0527ef7f301f68f65f51b9033d7e318a8f7e80f40b3
- SSDEEP
  
  768:Xq0PX0mnimIrBjKeHne+qeDNBkxlZszfXiowAu4I8qw:XqSX0mmu+nXq6NBkbZszBJt
Score

7^/10
- Changes its process name
- Deletes itself
- Renames itself
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1