General

  • Target

    7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669.elf

  • Size

    60KB

  • Sample

    241105-d24jzstdkf

  • MD5

    8a847e0d7c792f89efc2646425db7116

  • SHA1

    2a49deca5e1dfb1579718e3b34869806ee6e1ed9

  • SHA256

    7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669

  • SHA512

    6db2d89ae524a4791f7ff912cc645d323b18c1673ac890e8d4989287f74904b21f6d440c3d196896449d122095a12e48f91317a1e0a14094df9678370b45b813

  • SSDEEP

    1536:DxUEibfRLIXHpf4GsVyB2P2bju5eMS0WLDTetpKDnCKo:DiXbfRLIXHpf4GsVWTbj4eMSnfOcDC

Malware Config

Extracted

Family

mirai

Botnet

TSUNAGU

C2

aiddoscnc.aisysmddos.com

aiddoscnc2.aisysmddos.com

Targets

    • Target

      7a8ed4a1f76797d3b9b6b5f738a0b6dab41bf4fa7c0abfd49b8714f898cc8669.elf

    Score
    9/10
    • Contacts a large (76773) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence
