mirai | 2d3cb8bf82f34f095b7e82af28100d40999f0f58e9fc1bd58de9d053692ff9c5 | Triage

Sharing

General

Target

3e0053d7c268d69a7d08e03aac2884f2.bin
Size

39KB
Sample

240625-cbkhravaqc
MD5

298902dd66b54950779d1bf35f084cfa
SHA1

eb98e23155658b605c8fbf80c822288a808a0346
SHA256

2d3cb8bf82f34f095b7e82af28100d40999f0f58e9fc1bd58de9d053692ff9c5
SHA512

d639e9a8440fbddd7cf1d10dbc4f377eb549769155952fd70ceeb83ce70458a8b6138d3e469a2f02883453beef7929f3fa4c22016d6bcdc984fb491df098a9eb
SSDEEP

768:8JC8zigY3OYyRPtyRVaOXS4WHH3AbBvYTQaO4RSZ1nm6A7SFF:8Jo3OtktEsln4Q1WU

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  0b7676a94f97b4fbb23e252615184d934c8efd618c5865b90d5512567566254a.elf
- Size
  
  76KB
- MD5
  
  3e0053d7c268d69a7d08e03aac2884f2
- SHA1
  
  b1ea915a6f5fab9c6702b70ecdefa3fdbe808d6c
- SHA256
  
  0b7676a94f97b4fbb23e252615184d934c8efd618c5865b90d5512567566254a
- SHA512
  
  dea48a72fe5857c120de1e1ffcf6d80174e9d89c97d62a1aedfc31cc03087a4fa0983c05b6c4f35f2bbc15e1ddc9075779f9e681063cfe53fb6b10fc0db5d3cd
- SSDEEP
  
  1536:S4Vxmlp7eJ2Ff/cBGBLNPcYhd3PO3mAj9X77a3qSa9EGA61GaLQpmX5FwbZnx:S4ilp7qA3KsL/d3W3j9L7ZSbGAGLQpmQ
Score

9^/10

discovery
- Contacts a large (23992) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1