mirai | 978e62b2ce1ae0248f7ffd4da6692d4de2b2cb20d084ed27007196b0b744eb0b | Triage

Submit
Reports

Overview

overview

Static

static

978e62b2ce...0b.elf

ubuntu-20.04-amd64

7

Sharing

General

Target

978e62b2ce1ae0248f7ffd4da6692d4de2b2cb20d084ed27007196b0b744eb0b.elf
Size

65KB
Sample

240422-b4zygadh22
MD5

6f1b1ef99ca4f554de499ccc6f9ba19a
SHA1

1094df49dfe7977f721243c0e1326717aabac158
SHA256

978e62b2ce1ae0248f7ffd4da6692d4de2b2cb20d084ed27007196b0b744eb0b
SHA512

730f16f67e5cd038b7ef467223ddd4a1b67674e8046ba2f061925de66bb56c11f8ed1a1041a231d7aedbeb3604b59ffaab9bd6b69ae4da0f18289d425cbd04a7
SSDEEP

1536:L+vP6noMjwzZBLvHxwHHalz4I2Okbsw5i4qtqzfSitRDh:ivyoMjwzZBLvCayHIEi70bTDh

Score

10^/10

mirai mirai evasion linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

978e62b2ce1ae0248f7ffd4da6692d4de2b2cb20d084ed27007196b0b744eb0b.elf

Resource

ubuntu2004-amd64-20240221-en

ubuntu-20.04-amd64

9 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  978e62b2ce1ae0248f7ffd4da6692d4de2b2cb20d084ed27007196b0b744eb0b.elf
- Size
  
  65KB
- MD5
  
  6f1b1ef99ca4f554de499ccc6f9ba19a
- SHA1
  
  1094df49dfe7977f721243c0e1326717aabac158
- SHA256
  
  978e62b2ce1ae0248f7ffd4da6692d4de2b2cb20d084ed27007196b0b744eb0b
- SHA512
  
  730f16f67e5cd038b7ef467223ddd4a1b67674e8046ba2f061925de66bb56c11f8ed1a1041a231d7aedbeb3604b59ffaab9bd6b69ae4da0f18289d425cbd04a7
- SSDEEP
  
  1536:L+vP6noMjwzZBLvHxwHHalz4I2Okbsw5i4qtqzfSitRDh:ivyoMjwzZBLvCayHIEi70bTDh
Score

7^/10

evasion
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes itself
- Deletes journal logs
  Deletes systemd journal logs. Likely to evade detection.
  evasion
- Deletes system logs
  Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
  evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Deletes log files
  Deletes log files on the system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy