mirai | 4448361e9361ca56e760b68badd8d2aae541ade179c0626aa68b1a8375250b28 | Triage

Submit
Reports

Overview

overview

Static

static

5

7f307860b8...82.elf

ubuntu-22.04-amd64

Sharing

General

Target

6d1b6e91b1e2037fbf62ca7ddcf04932.bin
Size

32KB
Sample

241018-bt6cha1dmq
MD5

e126ae83ff619989a61712012ca0ec84
SHA1

cd10af23472bfcddc983b7c72a7741c6b8777c42
SHA256

4448361e9361ca56e760b68badd8d2aae541ade179c0626aa68b1a8375250b28
SHA512

32c9ab5c7833500815ae194cf7c1d2d88f770763acd2f4a0d76c85e94ad94d1fced5afeb5e1d532185f00683076c38129dee7a95b0816020f41e69135618e63b
SSDEEP

768:mfFV5AyqXm0IrV+2K+agR/7kh5tqJeYYowkqqE9LK4Gw:8Fz2cQurR/7k5qBYowkq79LJGw

Score

10^/10

mirai unstable botnet defense_evasion discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7f307860b88d639313ebd4195f1ef6a8d668d1941c6cbf6dc968961b1fe42782.elf

Resource

ubuntu2204-amd64-20240729-en

mirai unstable botnet defense_evasion discovery

ubuntu-22.04-amd64

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  7f307860b88d639313ebd4195f1ef6a8d668d1941c6cbf6dc968961b1fe42782.elf
- Size
  
  33KB
- MD5
  
  6d1b6e91b1e2037fbf62ca7ddcf04932
- SHA1
  
  d0769095ec2e678074eb206b3537022129c1a776
- SHA256
  
  7f307860b88d639313ebd4195f1ef6a8d668d1941c6cbf6dc968961b1fe42782
- SHA512
  
  7397ef3b4f7d34b0637de721f38ac833ad6d526e9b7cdbc08fdb4b261fa675001a8079ff4b9378fa219090a945126832cb1ab3db86b35da0090b20051d31bb38
- SSDEEP
  
  768:N+XxttkFjpGM7acyeXuaq2AjofyIlVtqGS1N8NnonbcuyD7Uiyq5:N/pf7JyeGofDjtqBMonouy8Zq5
Score

10^/10

mirai unstable botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (225921) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy