mirai | 2342b7365fdc6b9590adfe278cbbcd9232c7535c01235f8bf11f03f50a718c99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e15e8327c418cd46d91b57f8b1d9389a.elf
Size

61KB
Sample

240501-2fc2xabe92
MD5

e15e8327c418cd46d91b57f8b1d9389a
SHA1

3aa25ed858582b6cc1cfb55a74f4b31bd228cea9
SHA256

2342b7365fdc6b9590adfe278cbbcd9232c7535c01235f8bf11f03f50a718c99
SHA512

65fad6fc59588a3bd88059305271c912860f5c94964f43e9c43634e3a293a3df78e5697f18bcc9e2fcb7691dc17c55fb0571c917a3ebc8ba02b7b7527830654c
SSDEEP

1536:q6KB5VmtO8OkJnoJkVcdaEPf7ETCQv30Jcwx7:qVB5VmttOkJoJkidaEH7EeiO7x7

Score

10^/10

mirai linux

Malware Config

Targets

- Target
  
  e15e8327c418cd46d91b57f8b1d9389a.elf
- Size
  
  61KB
- MD5
  
  e15e8327c418cd46d91b57f8b1d9389a
- SHA1
  
  3aa25ed858582b6cc1cfb55a74f4b31bd228cea9
- SHA256
  
  2342b7365fdc6b9590adfe278cbbcd9232c7535c01235f8bf11f03f50a718c99
- SHA512
  
  65fad6fc59588a3bd88059305271c912860f5c94964f43e9c43634e3a293a3df78e5697f18bcc9e2fcb7691dc17c55fb0571c917a3ebc8ba02b7b7527830654c
- SSDEEP
  
  1536:q6KB5VmtO8OkJnoJkVcdaEPf7ETCQv30Jcwx7:qVB5VmttOkJoJkidaEH7EeiO7x7
Score

7^/10
- Deletes itself
- Renames itself
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1