mirai | a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa

Analysis

max time kernel
148s
max time network
132s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
30-05-2024 06:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da552da6b667ec537e37609f26915116.elf
Size

60KB
MD5

da552da6b667ec537e37609f26915116
SHA1

c22a9ef3759231fee3dbda1733fe970777a13815
SHA256

a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa
SHA512

642596a4f3337fb565d8ab2fe9f1bb1aa276417430c36bf9afc405bfc1b2dacaf0fd9abb30b9da9e67f969c0bd4655c5cab1c325eb1c2a5b0c8af810d2b00930
SSDEEP

1536:JGxz/UNmNuYLAil9MHbPSemgv3/9acdC+M7rER6:Yxz/mYLAifM7D5v3/9LdJM/S6

Score

10^/10

mirai mirai botnet

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

us.8b8n.com

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Deletes itself 1 IoCs

Processes:

da552da6b667ec537e37609f26915116.elf

pid process

1487 da552da6b667ec537e37609f26915116.elf
Writes file to system bin folder 1 TTPs 1 IoCs

Hijack Execution Flow
T1574

Processes:

da552da6b667ec537e37609f26915116.elf

description ioc process

File opened for modification /sbin/.libso da552da6b667ec537e37609f26915116.elf

pid	process
1487	da552da6b667ec537e37609f26915116.elf

description	ioc	process
File opened for modification	/sbin/.libso	da552da6b667ec537e37609f26915116.elf

/tmp/da552da6b667ec537e37609f26915116.elf
/tmp/da552da6b667ec537e37609f26915116.elf
1⤵
- Deletes itself
- Writes file to system bin folder
PID:1487

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Hijack Execution Flow

T1574

Privilege Escalation

Hijack Execution Flow

T1574

Defense Evasion

Hijack Execution Flow

T1574

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

/sbin/.libso
Filesize
60KB

MD5
da552da6b667ec537e37609f26915116

SHA1
c22a9ef3759231fee3dbda1733fe970777a13815

SHA256
a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa

SHA512
642596a4f3337fb565d8ab2fe9f1bb1aa276417430c36bf9afc405bfc1b2dacaf0fd9abb30b9da9e67f969c0bd4655c5cab1c325eb1c2a5b0c8af810d2b00930

Download Submit

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads