mirai | 5d7bf8064b2ad4de5f0975a9b5b2b3387a85c4cdd1eb29dbd91dba0a82c0f77d | Triage

Sharing

General

Target

cf4fc10514b0da9a1862ab4d3359d0c7.bin
Size

45KB
Sample

240608-etefkahg52
MD5

bbf91b6325bbc811b6ee8ece5b3794d5
SHA1

d1a8eb9342b35d53f279b6fd26a6537e966024e0
SHA256

5d7bf8064b2ad4de5f0975a9b5b2b3387a85c4cdd1eb29dbd91dba0a82c0f77d
SHA512

ed1628e10caffbadbd8b563ae99189cd1009e860326ae6af2de6862a0743d514115582f60a0b93a91dcb87ef8bdaa211a8ef99a767f58548016c8cb45c15efbc
SSDEEP

768:PYln2HOWQ/eN6WyGnNavt7rgTOholJj9ybcK9/a0sn/JTb/Xglp9cJh8S1tCtT4Y:8+OFc6WyaNaVIlhq/rs/JTTXu9cJh8vz

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  457fe858cd319178986a0ebb8ace4ddf8b320c2530d24b713794332fc89eb683.elf
- Size
  
  96KB
- MD5
  
  cf4fc10514b0da9a1862ab4d3359d0c7
- SHA1
  
  99e9acc2b5daf8b8efa4ecdc356d1f97ca7bbb22
- SHA256
  
  457fe858cd319178986a0ebb8ace4ddf8b320c2530d24b713794332fc89eb683
- SHA512
  
  2139a92f906ffe544eea0093212cc609307be141f16832d2a1bedb3a01709289e666f32d40222200d349a6a785db964a3f45ed22dd014a6de651419386bbc770
- SSDEEP
  
  1536:T87oeNAdBagXZgdr+pBjZTiZfe897taAGcCwbZnZu14QHGCMXo:wbNAdBagXSrcit9RaICwbZnZu14QHeo
Score

9^/10

discovery
- Contacts a large (23673) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1