General

  • Target

    mips

  • Size

    107KB

  • Sample

    240925-esjznavblj

  • MD5

    6b46b9c4f459d55eca1da516b1b6894f

  • SHA1

    51578e31325eb49f9f5f101cb5206a60359516d6

  • SHA256

    b64ee05caba05a416417581db5673053b2680acc480b8896a3ae0eaacab421b5

  • SHA512

    52f1e2898b6c1f7936feef4bb906f3d1e9e38cacfe630d8c8289634eaec0ea37eb92e8f7be9849f57b4f2287e05af6ce9e13edacec5960ccbcba8d297e9578d0

  • SSDEEP

    3072:cNVSpIiUF+Fosx1ORLonZ1Yc04IgY9ZsNTOD66WmQrp/mImAdnHWyH:cNgiiUFMoOOeT7YAdnHH

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      mips

    Score
    9/10
    • Contacts a large (651693) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
