mirai | af4a705ff8a6b54f60a1dd450fb56f99199b16bd0eb64e1710591a80ffe7cb1d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

af4a705ff8...1d.elf

debian-12-mipsel

7

Sharing

General

Target

af4a705ff8a6b54f60a1dd450fb56f99199b16bd0eb64e1710591a80ffe7cb1d.elf
Size

97KB
Sample

240811-bw2gbsydmq
MD5

6a8af93bfff12c98c50bb406e2d8dfb8
SHA1

e4feebee8f7e7b6f99c2ad61663714ab544552f1
SHA256

af4a705ff8a6b54f60a1dd450fb56f99199b16bd0eb64e1710591a80ffe7cb1d
SHA512

dbb53151e3286521fc8b481af88b1e5427e8121fefc080f733b67048e89836b14cc2676b7ec643546b1b7a4470b5332ad490bd2c9b0a43a6aeb7fa6377f4c360
SSDEEP

1536:HoYZkmscJZZYAeH8yqBy9znkNN9ZEbYzAqJl:HoYZkmscJZZY/8IBc9ZEbYzVJl

Score

10^/10

mirai evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

af4a705ff8a6b54f60a1dd450fb56f99199b16bd0eb64e1710591a80ffe7cb1d.elf

Resource

debian12-mipsel-20240221-en

debian-12-mipsel

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

C2

adadcdad.abcproxy.click

Targets

- Target
  
  af4a705ff8a6b54f60a1dd450fb56f99199b16bd0eb64e1710591a80ffe7cb1d.elf
- Size
  
  97KB
- MD5
  
  6a8af93bfff12c98c50bb406e2d8dfb8
- SHA1
  
  e4feebee8f7e7b6f99c2ad61663714ab544552f1
- SHA256
  
  af4a705ff8a6b54f60a1dd450fb56f99199b16bd0eb64e1710591a80ffe7cb1d
- SHA512
  
  dbb53151e3286521fc8b481af88b1e5427e8121fefc080f733b67048e89836b14cc2676b7ec643546b1b7a4470b5332ad490bd2c9b0a43a6aeb7fa6377f4c360
- SSDEEP
  
  1536:HoYZkmscJZZYAeH8yqBy9znkNN9ZEbYzAqJl:HoYZkmscJZZY/8IBc9ZEbYzVJl
Score

7^/10

evasion
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes journal logs
  Deletes systemd journal logs. Likely to evade detection.
  evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Indicator Removal

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy