mirai | d0382fc7ba99a3f397c30662ca32db23d00d729b00deeb12857c02f2c16199ed | Triage

Sharing

General

Target

e8866f7f63d608b19268473db8b8fd90_JaffaCakes118
Size

54KB
Sample

240918-hc7bssxcle
MD5

e8866f7f63d608b19268473db8b8fd90
SHA1

753fb28b188b6842efe64d030023d47a81fdbca3
SHA256

d0382fc7ba99a3f397c30662ca32db23d00d729b00deeb12857c02f2c16199ed
SHA512

3d0e1c0566d43e0c89b6a320a4da9098e45ef5d4ff8e8feefdd029da384c7ee0627280c28f5f8f91c412eb66602060ab4b7bf787945b736821ac2a2abe7ec12d
SSDEEP

1536:d6EwVWibZ6uzpNrmvFtWbFT7WCTZrt+xc:QVWYZ6uzv4FKFT7WoZrQq

Score

10^/10

mirai mirai defense_evasion discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  e8866f7f63d608b19268473db8b8fd90_JaffaCakes118
- Size
  
  54KB
- MD5
  
  e8866f7f63d608b19268473db8b8fd90
- SHA1
  
  753fb28b188b6842efe64d030023d47a81fdbca3
- SHA256
  
  d0382fc7ba99a3f397c30662ca32db23d00d729b00deeb12857c02f2c16199ed
- SHA512
  
  3d0e1c0566d43e0c89b6a320a4da9098e45ef5d4ff8e8feefdd029da384c7ee0627280c28f5f8f91c412eb66602060ab4b7bf787945b736821ac2a2abe7ec12d
- SSDEEP
  
  1536:d6EwVWibZ6uzpNrmvFtWbFT7WCTZrt+xc:QVWYZ6uzv4FKFT7WoZrQq
Score

9^/10

defense_evasion discovery
- Contacts a large (7198) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery