mirai | 6f1807bd00b271807e104211ee0a49c3d50f651d186cfca8295dab2d28329d8a | Triage

Submit
Reports

Overview

overview

Static

static

7

sora.arm7

debian-9-armhf

Sharing

Copy URL Twitter E-mail

General

Target

sora.arm7
Size

53KB
Sample

240712-t2ylqstdqb
MD5

59a7319860856987828fbc686b6c9bbb
SHA1

a98e3b3af9f90ce1422f5c07e2eca973f1975e46
SHA256

6f1807bd00b271807e104211ee0a49c3d50f651d186cfca8295dab2d28329d8a
SHA512

d86b7ca0aabb86fd262273e0deca0daddcb2cc5bb020ca73162498e130e41ae7e1736b6caea3291f169f6ddbb969ec986733dbcefa058ed34bb0b18af578b08d
SSDEEP

1536:mHG6YXI/x4pNyrLKo8YEBClgw6wrLPeZDIAiXkfDpC:mHG1m4y79Eob6wLP8Dw

Score

10^/10

mirai mirai botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sora.arm7

Resource

debian9-armhf-20240418-en

mirai mirai botnet discovery

debian-9-armhf

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  sora.arm7
- Size
  
  53KB
- MD5
  
  59a7319860856987828fbc686b6c9bbb
- SHA1
  
  a98e3b3af9f90ce1422f5c07e2eca973f1975e46
- SHA256
  
  6f1807bd00b271807e104211ee0a49c3d50f651d186cfca8295dab2d28329d8a
- SHA512
  
  d86b7ca0aabb86fd262273e0deca0daddcb2cc5bb020ca73162498e130e41ae7e1736b6caea3291f169f6ddbb969ec986733dbcefa058ed34bb0b18af578b08d
- SSDEEP
  
  1536:mHG6YXI/x4pNyrLKo8YEBClgw6wrLPeZDIAiXkfDpC:mHG1m4y79Eob6wLP8Dw
Score

10^/10

mirai mirai botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20527) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnetdiscovery

© 2018-2025

Terms | Privacy