mirai | 457fe858cd319178986a0ebb8ace4ddf8b320c2530d24b713794332fc89eb683 | Triage

Sharing

General

Target

skid.x86.elf
Size

96KB
Sample

240606-zgewsach24
MD5

cf4fc10514b0da9a1862ab4d3359d0c7
SHA1

99e9acc2b5daf8b8efa4ecdc356d1f97ca7bbb22
SHA256

457fe858cd319178986a0ebb8ace4ddf8b320c2530d24b713794332fc89eb683
SHA512

2139a92f906ffe544eea0093212cc609307be141f16832d2a1bedb3a01709289e666f32d40222200d349a6a785db964a3f45ed22dd014a6de651419386bbc770
SSDEEP

1536:T87oeNAdBagXZgdr+pBjZTiZfe897taAGcCwbZnZu14QHGCMXo:wbNAdBagXSrcit9RaICwbZnZu14QHeo

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  skid.x86.elf
- Size
  
  96KB
- MD5
  
  cf4fc10514b0da9a1862ab4d3359d0c7
- SHA1
  
  99e9acc2b5daf8b8efa4ecdc356d1f97ca7bbb22
- SHA256
  
  457fe858cd319178986a0ebb8ace4ddf8b320c2530d24b713794332fc89eb683
- SHA512
  
  2139a92f906ffe544eea0093212cc609307be141f16832d2a1bedb3a01709289e666f32d40222200d349a6a785db964a3f45ed22dd014a6de651419386bbc770
- SSDEEP
  
  1536:T87oeNAdBagXZgdr+pBjZTiZfe897taAGcCwbZnZu14QHGCMXo:wbNAdBagXSrcit9RaICwbZnZu14QHeo
Score

9^/10

discovery
- Contacts a large (23989) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1