mirai | 2bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2bf2c82e29...e1.elf

debian-9-mips

9

Sharing

General

Target

2bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1.elf
Size

221KB
Sample

240904-bmkgfstcld
MD5

4f506b8eb662883574ea26e6ff228160
SHA1

ff4bd9b4f5efa63ef3c75b39f6ea5538922cc6ee
SHA256

2bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1
SHA512

de8796654257a3a6df7865d3c9aefa73406d76978d0e5a7054a18e693cc73b1f99c03b3ad9b709dd9c3ee3aae73b4b6f1c631f1e1d4fa5ccbbd5631cf165863b
SSDEEP

3072:0DedHUcHyFzZdrvFOqmG3IEhwnYWDjS+omE5M0cNDPC/+OcKYKATVFF6:0DehUDmSIEh4YSumgMJNz8+0YKIF6

Score

10^/10

mirai discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1.elf

Resource

debian9-mipsbe-20240729-en

discovery evasion

debian-9-mips

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1.elf
- Size
  
  221KB
- MD5
  
  4f506b8eb662883574ea26e6ff228160
- SHA1
  
  ff4bd9b4f5efa63ef3c75b39f6ea5538922cc6ee
- SHA256
  
  2bf2c82e29d37db4268872fa6a69f1975a62b906dec55c3c661b757bc7ba4de1
- SHA512
  
  de8796654257a3a6df7865d3c9aefa73406d76978d0e5a7054a18e693cc73b1f99c03b3ad9b709dd9c3ee3aae73b4b6f1c631f1e1d4fa5ccbbd5631cf165863b
- SSDEEP
  
  3072:0DedHUcHyFzZdrvFOqmG3IEhwnYWDjS+omE5M0cNDPC/+OcKYKATVFF6:0DehUDmSIEh4YSumgMJNz8+0YKIF6
Score

9^/10

discovery evasion
- Contacts a large (1019663) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes system logs
  Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
  evasion
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Deletes log files
  Deletes log files on the system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

© 2018-2025

Terms | Privacy