mirai | a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa | Triage

Sharing

General

Target

da552da6b667ec537e37609f26915116.elf
Size

60KB
Sample

240530-ha681sad89
MD5

da552da6b667ec537e37609f26915116
SHA1

c22a9ef3759231fee3dbda1733fe970777a13815
SHA256

a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa
SHA512

642596a4f3337fb565d8ab2fe9f1bb1aa276417430c36bf9afc405bfc1b2dacaf0fd9abb30b9da9e67f969c0bd4655c5cab1c325eb1c2a5b0c8af810d2b00930
SSDEEP

1536:JGxz/UNmNuYLAil9MHbPSemgv3/9acdC+M7rER6:Yxz/mYLAifM7D5v3/9LdJM/S6

Score

10^/10

mirai mirai botnet linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

us.8b8n.com

Targets

- Target
  
  da552da6b667ec537e37609f26915116.elf
- Size
  
  60KB
- MD5
  
  da552da6b667ec537e37609f26915116
- SHA1
  
  c22a9ef3759231fee3dbda1733fe970777a13815
- SHA256
  
  a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa
- SHA512
  
  642596a4f3337fb565d8ab2fe9f1bb1aa276417430c36bf9afc405bfc1b2dacaf0fd9abb30b9da9e67f969c0bd4655c5cab1c325eb1c2a5b0c8af810d2b00930
- SSDEEP
  
  1536:JGxz/UNmNuYLAil9MHbPSemgv3/9acdC+M7rER6:Yxz/mYLAifM7D5v3/9LdJM/S6
Score

10^/10

mirai mirai botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Deletes itself
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

miraimiraibotnet