mirai | c7dbab1e4dcfb49f3cf5d0bb0a743a400ec3719a0c40494c74078e27eda1e065 | Triage

Sharing

General

Target

c7dbab1e4dcfb49f3cf5d0bb0a743a400ec3719a0c40494c74078e27eda1e065.elf
Size

45KB
Sample

240529-cb55fsef77
MD5

df009b3d666e3ae272b1ae1a5f0df341
SHA1

02cdbe0036ebfae8dae8e2fbf17f1ac51ca364a4
SHA256

c7dbab1e4dcfb49f3cf5d0bb0a743a400ec3719a0c40494c74078e27eda1e065
SHA512

888b04606bfcd638f34ec522c245e2370bc7721a4c126136e6c1518dc1a8ec897e1f03873746a57b8819cb01247d2e4c1da2296b6a1460ce8b5664dc3245a61a
SSDEEP

768:T8/MjSNW4GBs82WETRRjBWVbFoQGpYHg+ZdG:T8/MjSNW4GBz3EtcbxcYHhZdG

Score

10^/10

mirai botnet discovery linux

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

telnet.8b8n.com

Targets

- Target
  
  c7dbab1e4dcfb49f3cf5d0bb0a743a400ec3719a0c40494c74078e27eda1e065.elf
- Size
  
  45KB
- MD5
  
  df009b3d666e3ae272b1ae1a5f0df341
- SHA1
  
  02cdbe0036ebfae8dae8e2fbf17f1ac51ca364a4
- SHA256
  
  c7dbab1e4dcfb49f3cf5d0bb0a743a400ec3719a0c40494c74078e27eda1e065
- SHA512
  
  888b04606bfcd638f34ec522c245e2370bc7721a4c126136e6c1518dc1a8ec897e1f03873746a57b8819cb01247d2e4c1da2296b6a1460ce8b5664dc3245a61a
- SSDEEP
  
  768:T8/MjSNW4GBs82WETRRjBWVbFoQGpYHg+ZdG:T8/MjSNW4GBz3EtcbxcYHhZdG
Score

9^/10

discovery
- Contacts a large (114895) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1