mirai | 41d02078cd8c25fad0748c4de8fd08ae7ccfa62f145ab74b42eb3f6aac6c7b7b | Triage

Sharing

General

Target

611a64ef78208e02cb080abcae3b9c6a.bin
Size

74KB
Sample

240625-cfywyayapp
MD5

a5815887d756df0ee0a15904237d785e
SHA1

e3bd84bf4b2264792a7d2c1a91d4ec3cfa2c5831
SHA256

41d02078cd8c25fad0748c4de8fd08ae7ccfa62f145ab74b42eb3f6aac6c7b7b
SHA512

4e489a1632a666eb85bd1def2c113cd0ec68f317c648578233b8cdab01fea097dde73c40a8e9c4c15f0986fb1095b5febda3bbda16917f71f6c3fefaeaff41a0
SSDEEP

1536:IA+8rDtpTXPFV3SjguleJtn9pd8HdL+q58sDYXYPh9CPpV1Ys:IZ8ntpjP/lulgnNwB+q62YoZWb

Score

10^/10

mirai mirai discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  88eec0fde18154b67d32b95216d1c36882c481bef454b3540d5bfc9ea858684c.elf
- Size
  
  164KB
- MD5
  
  611a64ef78208e02cb080abcae3b9c6a
- SHA1
  
  1dd82a416a612bdb23321485cb37d94d07fa5064
- SHA256
  
  88eec0fde18154b67d32b95216d1c36882c481bef454b3540d5bfc9ea858684c
- SHA512
  
  77138e7fd68fcc7b057973e641cf026bb5bd46b1d8316fc42aec31aa620dde795037d6b939bce064cbdc1c9bfb89e55821f848161c34126cde58da16e5745ed9
- SSDEEP
  
  3072:OhNHG4r7t4G1dE3a3wjo7Dwe8AQoIUYSwbZn5R6NhnM/9jGs3b:WN5a4i3a3wjo7Dr8AHLwR5R6NxM/9jGs
Score

9^/10

discovery
- Contacts a large (23991) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1