mirai | 71bfd13866b7e055503b28c236fa93520c32e8d4e7bc517b367479597c2136d7 | Triage

Submit
Reports

Overview

overview

Static

static

5

sora.mpsl.elf

debian-12-mipsel

Sharing

General

Target

sora.mpsl.elf
Size

29KB
Sample

241103-ry6f3awjdt
MD5

37985e467c817bf15d6c9e390912c1cd
SHA1

9fb09e4378ddb3a1aed647e05e9601afa82e2997
SHA256

71bfd13866b7e055503b28c236fa93520c32e8d4e7bc517b367479597c2136d7
SHA512

201c660365bdcd5e04395fbdf53e6d5eb3e0239962aaaabc853a5ce5f3ed3b3a4d9da748f8d9a5e9d0b52a9810f5789a84a06cda1ccedc669ce2a74dce83bcbb
SSDEEP

768:EUMbYiXNplakzb6LljVRYG8sJOkR7ZOEX2uo1Oz6llhyCWUs:lMbRNpljwBqwJOKdOEXm1Tyks

Score

10^/10

mirai sora botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sora.mpsl.elf

Resource

debian12-mipsel-20240418-en

mirai sora botnet defense_evasion discovery

debian-12-mipsel

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

SORA

Targets

- Target
  
  sora.mpsl.elf
- Size
  
  29KB
- MD5
  
  37985e467c817bf15d6c9e390912c1cd
- SHA1
  
  9fb09e4378ddb3a1aed647e05e9601afa82e2997
- SHA256
  
  71bfd13866b7e055503b28c236fa93520c32e8d4e7bc517b367479597c2136d7
- SHA512
  
  201c660365bdcd5e04395fbdf53e6d5eb3e0239962aaaabc853a5ce5f3ed3b3a4d9da748f8d9a5e9d0b52a9810f5789a84a06cda1ccedc669ce2a74dce83bcbb
- SSDEEP
  
  768:EUMbYiXNplakzb6LljVRYG8sJOkR7ZOEX2uo1Oz6llhyCWUs:lMbRNpljwBqwJOKdOEXm1Tyks
Score

10^/10

mirai sora botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (49195) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraisorabotnetdefense_evasiondiscovery

© 2018-2024

Terms | Privacy