mirai | 96285e06a00b4e6269d0b38a4d1ae419fd5bfca0dbb7e237408d4e509e2770dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c6fee1f637bf359615ebbcb180c2873.elf
Size

152KB
Sample

240526-kyv7rsda9x
MD5

2c6fee1f637bf359615ebbcb180c2873
SHA1

06201c4ffd8622234cc7686bc0b4875f7adf0e50
SHA256

96285e06a00b4e6269d0b38a4d1ae419fd5bfca0dbb7e237408d4e509e2770dd
SHA512

e87e1c065ccb105b275b8ce3dec8cfbbafe88a641ef0909f938d9b3e4034c39c42628077aec104448ede2486beb722648f253bf53592bc9d073661389d448e3a
SSDEEP

3072:3ElQsdwKmBFNUteZqXBlo7TnxCZmh5trpVZLw15VNYYURCuH:3EKKmBFNUteZqXBloXnxCZm5rnZLwZNS

Score

10^/10

mirai discovery linux

Malware Config

Extracted

Family

mirai

C2

woshishabi.zzy.rip

Targets

- Target
  
  2c6fee1f637bf359615ebbcb180c2873.elf
- Size
  
  152KB
- MD5
  
  2c6fee1f637bf359615ebbcb180c2873
- SHA1
  
  06201c4ffd8622234cc7686bc0b4875f7adf0e50
- SHA256
  
  96285e06a00b4e6269d0b38a4d1ae419fd5bfca0dbb7e237408d4e509e2770dd
- SHA512
  
  e87e1c065ccb105b275b8ce3dec8cfbbafe88a641ef0909f938d9b3e4034c39c42628077aec104448ede2486beb722648f253bf53592bc9d073661389d448e3a
- SSDEEP
  
  3072:3ElQsdwKmBFNUteZqXBlo7TnxCZmh5trpVZLw15VNYYURCuH:3EKKmBFNUteZqXBloXnxCZm5rnZLwZNS
Score

9^/10

discovery
- Contacts a large (300176) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1