mirai | a9dc6744303c8b3d2e6dec03fcfd1898234aaca056c49fe0ebdf0db64e3e7f0c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

65044bb916...kes118

ubuntu-20.04-amd64

Sharing

General

Target

65044bb916f7110f2328e1216c07d93e_JaffaCakes118
Size

30KB
Sample

240521-2hwxssce83
MD5

65044bb916f7110f2328e1216c07d93e
SHA1

2d5f53856cdb9d0641810dfb3fdfe27e7fa665ef
SHA256

a9dc6744303c8b3d2e6dec03fcfd1898234aaca056c49fe0ebdf0db64e3e7f0c
SHA512

c22150de86010825ba2a6e299cfb35b2826f64bc82852be7a716e05301706530f326c30fca919867256ea98104600a9df2810ccc078e89996dfd8347676b6eef
SSDEEP

768:w+HsbWt8UsJvlrhV2slj1OriaKJaVCUCEmW6Qo2A:w+H4WRbhrianVPCEmao2A

Score

10^/10

mirai unstable botnet discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

65044bb916f7110f2328e1216c07d93e_JaffaCakes118

Resource

ubuntu2004-amd64-20240508-en

mirai unstable botnet discovery

ubuntu-20.04-amd64

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  65044bb916f7110f2328e1216c07d93e_JaffaCakes118
- Size
  
  30KB
- MD5
  
  65044bb916f7110f2328e1216c07d93e
- SHA1
  
  2d5f53856cdb9d0641810dfb3fdfe27e7fa665ef
- SHA256
  
  a9dc6744303c8b3d2e6dec03fcfd1898234aaca056c49fe0ebdf0db64e3e7f0c
- SHA512
  
  c22150de86010825ba2a6e299cfb35b2826f64bc82852be7a716e05301706530f326c30fca919867256ea98104600a9df2810ccc078e89996dfd8347676b6eef
- SSDEEP
  
  768:w+HsbWt8UsJvlrhV2slj1OriaKJaVCUCEmW6Qo2A:w+H4WRbhrianVPCEmao2A
Score

10^/10

mirai unstable botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (105622) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdiscovery

© 2018-2025

Terms | Privacy