General

  • Target

    0bbded326f0477af5e28f1af007d37662805b1016b7a37f771f2f7b6365ba097.elf

  • Size

    25KB

  • Sample

    241003-be22jazemh

  • MD5

    8e0bed7d1e22e8830d5b399c702a36e5

  • SHA1

    948723dd56d561b94d776136e99d218642ef71c3

  • SHA256

    0bbded326f0477af5e28f1af007d37662805b1016b7a37f771f2f7b6365ba097

  • SHA512

    400539d3beaeb373eaf03caf8cf32e34336b1c71e46714f8033b2a7582abd818292a0fafa89868cf3db697dd26e187867990bf9f7f0b8098f5daa9929adba41b

  • SSDEEP

    768:fM3QQ2ZzxfqR/zI6pMoIxb0OqZJgGlzDpbuR1Jj:yQQ2JxfgzNyoIxoOAVJuR

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large (20533) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
