mirai | 117cd63b79b8c0d3753ac6907206872d6527c2d6a641776c1021302d5dcec2b2 | Triage

Submit
Reports

Overview

overview

Static

static

5

117cd63b79...b2.elf

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

Target

117cd63b79b8c0d3753ac6907206872d6527c2d6a641776c1021302d5dcec2b2.elf
Size

37KB
Sample

241018-bjxydaxdnd
MD5

144cc0c6dfb6f6e395065b02825a9ad1
SHA1

dfe5d7d8bef4511b42be1ae0235f7469d97bf789
SHA256

117cd63b79b8c0d3753ac6907206872d6527c2d6a641776c1021302d5dcec2b2
SHA512

9e5ca9ee3ebef09688d74de6bb4af9d6c1003173ee5846cd2370d4774e9bc92fef317113b19529cd2a5b1d18a38a626ebf6ed2da05e6c7b66e0d1b69d8ddc5d5
SSDEEP

768:aE1hhWjGqeJ3LksvkNtY5KlGzjp52nQz/xgMAwhBt1YWMg:pqGp3YqkQ5vjynQz/xgjEX

Score

10^/10

mirai unstable botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

117cd63b79b8c0d3753ac6907206872d6527c2d6a641776c1021302d5dcec2b2.elf

Resource

debian9-mipsel-20240611-en

mirai unstable botnet defense_evasion discovery

debian-9-mipsel

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  117cd63b79b8c0d3753ac6907206872d6527c2d6a641776c1021302d5dcec2b2.elf
- Size
  
  37KB
- MD5
  
  144cc0c6dfb6f6e395065b02825a9ad1
- SHA1
  
  dfe5d7d8bef4511b42be1ae0235f7469d97bf789
- SHA256
  
  117cd63b79b8c0d3753ac6907206872d6527c2d6a641776c1021302d5dcec2b2
- SHA512
  
  9e5ca9ee3ebef09688d74de6bb4af9d6c1003173ee5846cd2370d4774e9bc92fef317113b19529cd2a5b1d18a38a626ebf6ed2da05e6c7b66e0d1b69d8ddc5d5
- SSDEEP
  
  768:aE1hhWjGqeJ3LksvkNtY5KlGzjp52nQz/xgMAwhBt1YWMg:pqGp3YqkQ5vjynQz/xgjEX
Score

10^/10

mirai unstable botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (172132) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy