mirai | d9dbeceaead22cfb8f575b8b77a5c259d9b31296645eeac99cc1df18e4b07b8c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

SecuriteIn...37.elf

debian-9-armhf

Sharing

General

Target

SecuriteInfo.com.Linux.Siggen.9999.17011.23537.elf
Size

56KB
Sample

240817-qxc8fs1drj
MD5

f001bcac5e30063144fc5484d523268b
SHA1

e91f8d03c32ef3f2a0ecf2113c055607e3b219c1
SHA256

d9dbeceaead22cfb8f575b8b77a5c259d9b31296645eeac99cc1df18e4b07b8c
SHA512

66f0e65f9ac90e756f8a16c984ad9c0e3c831b15d48d10624de78c2b34e817deea5dccedb348e7aae180b046d735b53712cb1799f48b7384c2aa4e0d2c3268d9
SSDEEP

1536:YyEZV9XZ3BVAtU75jDrWlFqnvVcIVo73bSjaFzKY8d6:W9XKtwX0Fwu+OS+2d6

Score

10^/10

mirai unstable botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Linux.Siggen.9999.17011.23537.elf

Resource

debian9-armhf-20240729-en

mirai unstable botnet discovery

debian-9-armhf

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  SecuriteInfo.com.Linux.Siggen.9999.17011.23537.elf
- Size
  
  56KB
- MD5
  
  f001bcac5e30063144fc5484d523268b
- SHA1
  
  e91f8d03c32ef3f2a0ecf2113c055607e3b219c1
- SHA256
  
  d9dbeceaead22cfb8f575b8b77a5c259d9b31296645eeac99cc1df18e4b07b8c
- SHA512
  
  66f0e65f9ac90e756f8a16c984ad9c0e3c831b15d48d10624de78c2b34e817deea5dccedb348e7aae180b046d735b53712cb1799f48b7384c2aa4e0d2c3268d9
- SSDEEP
  
  1536:YyEZV9XZ3BVAtU75jDrWlFqnvVcIVo73bSjaFzKY8d6:W9XKtwX0Fwu+OS+2d6
Score

10^/10

mirai unstable botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (222139) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdiscovery

© 2018-2025

Terms | Privacy