General
-
Target
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160.sh
-
Size
4KB
-
Sample
241018-dmc4gswfqp
-
MD5
2d520ab45c89c24520e0754fd1971be2
-
SHA1
96e5de0ce70de4fa0f1adcd586aa49608bd578ea
-
SHA256
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160
-
SHA512
496e0ee73afc2d1263db3012dec1578c3d493229a28e4fe97d5b63390ed86441b0fc42bc3f7d494569209b8642e8f5c9e239907cd1b8124bdeff619ba85e902b
-
SSDEEP
96:vNVjWNw41Nx/SNN7uNdMdEpFDNn90NUsRN2mHNRfCN3t8NueXNyS7NGWfNPl3:IO4Fi
Static task
static1
Behavioral task
behavioral1
Sample
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160.sh
Resource
debian9-mipsbe-20240729-en
Malware Config
Extracted
mirai
UNSTABLE
Extracted
mirai
UNSTABLE
Extracted
mirai
UNSTABLE
Targets
-
-
Target
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160.sh
-
Size
4KB
-
MD5
2d520ab45c89c24520e0754fd1971be2
-
SHA1
96e5de0ce70de4fa0f1adcd586aa49608bd578ea
-
SHA256
ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160
-
SHA512
496e0ee73afc2d1263db3012dec1578c3d493229a28e4fe97d5b63390ed86441b0fc42bc3f7d494569209b8642e8f5c9e239907cd1b8124bdeff619ba85e902b
-
SSDEEP
96:vNVjWNw41Nx/SNN7uNdMdEpFDNn90NUsRN2mHNRfCN3t8NueXNyS7NGWfNPl3:IO4Fi
-
Contacts a large (220715) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1