mirai | d525bbb78b87ed3b8b4d3ba63041267a8229f39af0b58078925a9f6b842077ee | Triage

Sharing

General

Target

d525bbb78b87ed3b8b4d3ba63041267a8229f39af0b58078925a9f6b842077ee.elf
Size

51KB
Sample

240529-njdwqadf33
MD5

6bf86df8c9d8f78c8bfd3ac7e969d74a
SHA1

1f68b6e4ab917148b1c7467489064e5f5cb8bf8a
SHA256

d525bbb78b87ed3b8b4d3ba63041267a8229f39af0b58078925a9f6b842077ee
SHA512

326c280d25d6266600546d721b1247ed957fbfcd708b52138e5b328c4bcdc65edeb15afe23597f55b41c02ccbedea98c8e623df36fc438369984aacae5d508ab
SSDEEP

768:fiCWW5dzHWXVXby2J5EkUOBY8vmDsHpcweosuzTcSPkWt5s/NPgBmQE1zg:cWPzI5EYzvmDjwdzTcaLt5s2Bik

Score

10^/10

mirai botnet discovery

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  d525bbb78b87ed3b8b4d3ba63041267a8229f39af0b58078925a9f6b842077ee.elf
- Size
  
  51KB
- MD5
  
  6bf86df8c9d8f78c8bfd3ac7e969d74a
- SHA1
  
  1f68b6e4ab917148b1c7467489064e5f5cb8bf8a
- SHA256
  
  d525bbb78b87ed3b8b4d3ba63041267a8229f39af0b58078925a9f6b842077ee
- SHA512
  
  326c280d25d6266600546d721b1247ed957fbfcd708b52138e5b328c4bcdc65edeb15afe23597f55b41c02ccbedea98c8e623df36fc438369984aacae5d508ab
- SSDEEP
  
  768:fiCWW5dzHWXVXby2J5EkUOBY8vmDsHpcweosuzTcSPkWt5s/NPgBmQE1zg:cWPzI5EYzvmDjwdzTcaLt5s2Bik
Score

9^/10

discovery
- Contacts a large (115159) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1