mirai | f805cca680f751dbd251e87a7a2508eb75e470fce9832c32dfdb884ef6c0042a | Triage

Submit
Reports

Overview

overview

Static

static

5

sora.mips.elf

debian-9-mips

Sharing

General

Target

sora.mips.elf
Size

28KB
Sample

241108-kjrk2a1qdp
MD5

3346c9c566c8fadfd8259859fd32dc33
SHA1

ed027e77c5e57c825d053e73c415fb53c551dbfd
SHA256

f805cca680f751dbd251e87a7a2508eb75e470fce9832c32dfdb884ef6c0042a
SHA512

78e2726bd709d3abd1bc4a98a542e9c2e3907e312404b8d0c8a8469623ed71941d35562dbcb081638807a07b5084b0e93050fce496dc925f40f238bdbba4dca1
SSDEEP

768:hsVtJYGKnMe6ej26owqbRk1Lb6xszsKT+tHE5uJgGlzDpbuR1JN:h6tJYGK/6eUwqbREL++z1T2E5aVJuP

Score

10^/10

mirai sora botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sora.mips.elf

Resource

debian9-mipsbe-20240611-en

mirai sora botnet defense_evasion discovery

debian-9-mips

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

SORA

Targets

- Target
  
  sora.mips.elf
- Size
  
  28KB
- MD5
  
  3346c9c566c8fadfd8259859fd32dc33
- SHA1
  
  ed027e77c5e57c825d053e73c415fb53c551dbfd
- SHA256
  
  f805cca680f751dbd251e87a7a2508eb75e470fce9832c32dfdb884ef6c0042a
- SHA512
  
  78e2726bd709d3abd1bc4a98a542e9c2e3907e312404b8d0c8a8469623ed71941d35562dbcb081638807a07b5084b0e93050fce496dc925f40f238bdbba4dca1
- SSDEEP
  
  768:hsVtJYGKnMe6ej26owqbRk1Lb6xszsKT+tHE5uJgGlzDpbuR1JN:h6tJYGK/6eUwqbREL++z1T2E5aVJuP
Score

10^/10

mirai sora botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (49479) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraisorabotnetdefense_evasiondiscovery

© 2018-2024

Terms | Privacy