mirai | 95af6dd9da15577bfd171daebb2f404a52df04d38a4bcad538ef4b79a6435cae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

no.sh
Size

2KB
Sample

240722-aja8yasapc
MD5

0cfdd05ea2bb11d74b3ce3b95fc29421
SHA1

665cc6ba414b286da9c1a41a618d843275fa53cc
SHA256

95af6dd9da15577bfd171daebb2f404a52df04d38a4bcad538ef4b79a6435cae
SHA512

8a0baf4405ad2462a4a735d4a2a84d8d0b9ef10b72261716e0afb985f280d93aac4f5e8e40a6da0d330264813a077f3a4216df862821022d2f9c3ea90147c120

Score

10^/10

mirai mirai antivm botnet linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

whois.hopto.org

Extracted

Family

mirai

Botnet

MIRAI

C2

whois.hopto.org

Extracted

Family

mirai

Botnet

MIRAI

C2

whois.hopto.org

Targets

- Target
  
  no.sh
- Size
  
  2KB
- MD5
  
  0cfdd05ea2bb11d74b3ce3b95fc29421
- SHA1
  
  665cc6ba414b286da9c1a41a618d843275fa53cc
- SHA256
  
  95af6dd9da15577bfd171daebb2f404a52df04d38a4bcad538ef4b79a6435cae
- SHA512
  
  8a0baf4405ad2462a4a735d4a2a84d8d0b9ef10b72261716e0afb985f280d93aac4f5e8e40a6da0d330264813a077f3a4216df862821022d2f9c3ea90147c120
Score

10^/10

mirai mirai botnet antivm
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Executes dropped EXE
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnet

behavioral2

miraimiraiantivmbotnet

behavioral3

miraimiraibotnet

behavioral4

miraimiraibotnet