mirai | 76f34b2889705198e93fab5eed43b4b0b09303e0cbbb23dcb576bce6948b0602 | Triage

Sharing

General

Target

5567cdaa0ea470b52934671be6c87e2d.elf
Size

61KB
Sample

240608-lwmchsbf85
MD5

5567cdaa0ea470b52934671be6c87e2d
SHA1

96938fbfa9c798494f5b99fe03a4595a5dc8c59e
SHA256

76f34b2889705198e93fab5eed43b4b0b09303e0cbbb23dcb576bce6948b0602
SHA512

556029a11c16c04a70287567295a0c83c83444cf9ced7a720bbcc216db79e04186199829a9ada94509c2b7d40b0e6c02331a2c1dca456b9193184de5a425b17c
SSDEEP

1536:96SVU/xOE9QC6VJveMfTgHtCkVFPka1C:0SVUQEyCWxeMbUAkVFk

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  5567cdaa0ea470b52934671be6c87e2d.elf
- Size
  
  61KB
- MD5
  
  5567cdaa0ea470b52934671be6c87e2d
- SHA1
  
  96938fbfa9c798494f5b99fe03a4595a5dc8c59e
- SHA256
  
  76f34b2889705198e93fab5eed43b4b0b09303e0cbbb23dcb576bce6948b0602
- SHA512
  
  556029a11c16c04a70287567295a0c83c83444cf9ced7a720bbcc216db79e04186199829a9ada94509c2b7d40b0e6c02331a2c1dca456b9193184de5a425b17c
- SSDEEP
  
  1536:96SVU/xOE9QC6VJveMfTgHtCkVFPka1C:0SVUQEyCWxeMbUAkVFk
Score

9^/10

discovery
- Contacts a large (20399) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1