mirai | 5f80963927ed368bde2088a7fcb80d3710dda8c50524413926930d49c046457e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

KKveTTgaAAsecNNaaaa.arm.elf
Size

77KB
Sample

240606-fgtkdsha6t
MD5

73573780b40a7e68e555fdca3094a2b8
SHA1

eb8a0b7bc74fafa5a90e18862a6eea073d5b9dd9
SHA256

5f80963927ed368bde2088a7fcb80d3710dda8c50524413926930d49c046457e
SHA512

4ab68849093924ad8518b669e1d3ff8d065680bbb1a8d3df7fe05c9582e562778bcb364b807820544e6b8e49013b0dd50c7d0c9420ec2c0f627f69262d05e8d8
SSDEEP

1536:347KbVDNqA8j8zHdsPHvdbu1ltVNEzB8t46IOv+JyCn:34GbOAiPPMtod84PO2Jr

Score

10^/10

mirai discovery

Malware Config

Extracted

Family

mirai

C2

hihi.blazingnetwork.pro

Targets

- Target
  
  KKveTTgaAAsecNNaaaa.arm.elf
- Size
  
  77KB
- MD5
  
  73573780b40a7e68e555fdca3094a2b8
- SHA1
  
  eb8a0b7bc74fafa5a90e18862a6eea073d5b9dd9
- SHA256
  
  5f80963927ed368bde2088a7fcb80d3710dda8c50524413926930d49c046457e
- SHA512
  
  4ab68849093924ad8518b669e1d3ff8d065680bbb1a8d3df7fe05c9582e562778bcb364b807820544e6b8e49013b0dd50c7d0c9420ec2c0f627f69262d05e8d8
- SSDEEP
  
  1536:347KbVDNqA8j8zHdsPHvdbu1ltVNEzB8t46IOv+JyCn:34GbOAiPPMtod84PO2Jr
Score

9^/10

discovery
- Contacts a large (23028) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1