mirai | 29a19db162f9e46ff84174d7d05c71dc5137c3e9e506eb98e4022bd0ab3a99db | Triage

Submit
Reports

Overview

overview

Static

static

mpsl

debian-12-mipsel

9

Sharing

Copy URL Twitter E-mail

General

Target

mpsl
Size

219KB
Sample

240828-1r5qmazell
MD5

78844d0272cc7bd80d2b4261f7b9533b
SHA1

775a3e1b128c17a18029bccc9c162781c25e72e1
SHA256

29a19db162f9e46ff84174d7d05c71dc5137c3e9e506eb98e4022bd0ab3a99db
SHA512

7f1b002cef408e1c697883a568835b361851bde68c6fbcf7d6af0bc76346db64efe5c1b520cf6a5b7306c0fd297f9e03576ef44c61a484b7934ee371a8a9391b
SSDEEP

3072:jhGm4O5W6x+1NAAqIluM+ulgd2pVHF00VVbK6:9GZKWI+1N/luM7lgiy0K

Score

10^/10

mirai discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

mpsl

Resource

debian12-mipsel-20240221-en

discovery evasion

debian-12-mipsel

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  mpsl
- Size
  
  219KB
- MD5
  
  78844d0272cc7bd80d2b4261f7b9533b
- SHA1
  
  775a3e1b128c17a18029bccc9c162781c25e72e1
- SHA256
  
  29a19db162f9e46ff84174d7d05c71dc5137c3e9e506eb98e4022bd0ab3a99db
- SHA512
  
  7f1b002cef408e1c697883a568835b361851bde68c6fbcf7d6af0bc76346db64efe5c1b520cf6a5b7306c0fd297f9e03576ef44c61a484b7934ee371a8a9391b
- SSDEEP
  
  3072:jhGm4O5W6x+1NAAqIluM+ulgd2pVHF00VVbK6:9GZKWI+1N/luM7lgiy0K
Score

9^/10

discovery evasion
- Contacts a large (219377) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes journal logs
  Deletes systemd journal logs. Likely to evade detection.
  evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Indicator Removal

Credential Access

Discovery

Network Service Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

© 2018-2025

Terms | Privacy