mirai | ca6de8164cf49b1b7745ca66286f4b4259876ab832d31cc8b301fef49bf7fb2b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

df9029eea6...kes118

debian-9-mips

Sharing

General

Target

df9029eea6e3e51c3c06794d79b60bbd_JaffaCakes118
Size

32KB
Sample

240914-fz299aybnq
MD5

df9029eea6e3e51c3c06794d79b60bbd
SHA1

c955c0d007efa292dc3d49cf0b613d44a778dd85
SHA256

ca6de8164cf49b1b7745ca66286f4b4259876ab832d31cc8b301fef49bf7fb2b
SHA512

84ec97ab46fefdc49a070768f776f6266f02d17cd454114fbfd2bc1d5ea93794e9a84251d854112e6a2a75ad8ad73b37c0957cf29705bf8585bbdbaa9b6ddc69
SSDEEP

768:HbzFTnOXHVDQnkZRBCKnZc9VSZ18FYqXjvPBT7fhMFmt9cjJgGlzDpUYsz:HbzZOtwklZ185XjvPlHPcZVqYI

Score

10^/10

mirai unstable botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

df9029eea6e3e51c3c06794d79b60bbd_JaffaCakes118

Resource

debian9-mipsbe-20240611-en

mirai unstable botnet defense_evasion discovery

debian-9-mips

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  df9029eea6e3e51c3c06794d79b60bbd_JaffaCakes118
- Size
  
  32KB
- MD5
  
  df9029eea6e3e51c3c06794d79b60bbd
- SHA1
  
  c955c0d007efa292dc3d49cf0b613d44a778dd85
- SHA256
  
  ca6de8164cf49b1b7745ca66286f4b4259876ab832d31cc8b301fef49bf7fb2b
- SHA512
  
  84ec97ab46fefdc49a070768f776f6266f02d17cd454114fbfd2bc1d5ea93794e9a84251d854112e6a2a75ad8ad73b37c0957cf29705bf8585bbdbaa9b6ddc69
- SSDEEP
  
  768:HbzFTnOXHVDQnkZRBCKnZc9VSZ18FYqXjvPBT7fhMFmt9cjJgGlzDpUYsz:HbzZOtwklZ185XjvPlHPcZVqYI
Score

10^/10

mirai unstable botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (95512) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy