mirai | 9903dce03d17cc671f9842b2bb533b8a3eca715e75c355dec91ea0ad7fa67c1c | Triage

Submit
Reports

Overview

overview

Static

static

x8664

ubuntu-18.04-amd64

9

Sharing

General

Target

x8664
Size

148KB
Sample

240906-qp34xazald
MD5

2d2cb35160309ed2669863dc33faf4bb
SHA1

d41bf1ba8a23c7329bfdc2c70f2be70fb55229bd
SHA256

9903dce03d17cc671f9842b2bb533b8a3eca715e75c355dec91ea0ad7fa67c1c
SHA512

451087729a286693b4c7bf2d121858720126d11ff2752e287b4206601b3a4213d21ab59b225e0a7736fbfd83e1e6b45d62f22f896c28d03f8f4f74f29dd7c194
SSDEEP

3072:DpT1FUc3A3DR93HYVcn2ej37mDfWQlnCR3TAS0uJF:DpscyoDe8jlpqJF

Score

10^/10

mirai botnet defense_evasion discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

x8664

Resource

ubuntu1804-amd64-20240611-en

defense_evasion discovery

ubuntu-18.04-amd64

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  x8664
- Size
  
  148KB
- MD5
  
  2d2cb35160309ed2669863dc33faf4bb
- SHA1
  
  d41bf1ba8a23c7329bfdc2c70f2be70fb55229bd
- SHA256
  
  9903dce03d17cc671f9842b2bb533b8a3eca715e75c355dec91ea0ad7fa67c1c
- SHA512
  
  451087729a286693b4c7bf2d121858720126d11ff2752e287b4206601b3a4213d21ab59b225e0a7736fbfd83e1e6b45d62f22f896c28d03f8f4f74f29dd7c194
- SSDEEP
  
  3072:DpT1FUc3A3DR93HYVcn2ej37mDfWQlnCR3TAS0uJF:DpscyoDe8jlpqJF
Score

9^/10

defense_evasion discovery
- Contacts a large (1966729) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy