mirai | f3d5ae835b02002a50396c70b611c546760e18d666bca9cc2f3bcbd998974362 | Triage

Sharing

General

Target

f3d5ae835b02002a50396c70b611c546760e18d666bca9cc2f3bcbd998974362.elf
Size

53KB
Sample

240504-b9rjaaac5y
MD5

699288e9db2c10f824e09f6bcfc5b6c7
SHA1

cc4270b4ac232a3d50c9bf8f4456a05f3fe4ce45
SHA256

f3d5ae835b02002a50396c70b611c546760e18d666bca9cc2f3bcbd998974362
SHA512

fecfbed79e16fadf1cc78249a1dbb4be0fbff3535f5eb4661ee75949946b0b8c882d8c5afdf1c61de91edf3a895016fee7213bcb32ab91a45d760d47e15b8d3a
SSDEEP

1536:SPrPmTbPibg1y2+OIBcaiRYcUE63JPbrmmnYqmwbZn:gPmbP2CyPOIsRYcR6Fb3nYqmwbZn

Score

10^/10

mirai linux

Malware Config

Targets

- Target
  
  f3d5ae835b02002a50396c70b611c546760e18d666bca9cc2f3bcbd998974362.elf
- Size
  
  53KB
- MD5
  
  699288e9db2c10f824e09f6bcfc5b6c7
- SHA1
  
  cc4270b4ac232a3d50c9bf8f4456a05f3fe4ce45
- SHA256
  
  f3d5ae835b02002a50396c70b611c546760e18d666bca9cc2f3bcbd998974362
- SHA512
  
  fecfbed79e16fadf1cc78249a1dbb4be0fbff3535f5eb4661ee75949946b0b8c882d8c5afdf1c61de91edf3a895016fee7213bcb32ab91a45d760d47e15b8d3a
- SSDEEP
  
  1536:SPrPmTbPibg1y2+OIBcaiRYcUE63JPbrmmnYqmwbZn:gPmbP2CyPOIsRYcR6Fb3nYqmwbZn
Score

7^/10
- Deletes itself
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1