Analysis Overview
Score
10/10
SHA256
80fc5f558764200b47a49f4fa824e3c9bf92e5318dfda4b37a8c345ac143b572
Threat Level: Known bad
The file bot.x86_64.elf was found to be: Known bad.
Malicious Activity Summary
Mirai family
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-06-05 03:28
Signatures
Mirai family
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-05 03:28
Reported
2024-06-05 03:30
Platform
ubuntu2404-amd64-20240523-en
Max time network
150s
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
Files
N/A