General
-
Target
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92.sh
-
Size
2KB
-
Sample
241110-cm3tgaxdre
-
MD5
2429f698cf97fe571bd6fdc423c2925c
-
SHA1
6a16632e6d5e903b94aac179a258f3ec5452881e
-
SHA256
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92
-
SHA512
9d351efd9ed6bfe34481ca2d23e9f482b68351900fe9c0a756b572a71c6af98c0c1633d198e45ec926ec2fa25aa3448f19f13cb2d7cf87e4203e07927f0fe5f3
Static task
static1
Behavioral task
behavioral1
Sample
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92.sh
Resource
debian9-mipsel-20240729-en
Malware Config
Extracted
mirai
OWARI
cnc.carteldesinaloa.ru
Targets
-
-
Target
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92.sh
-
Size
2KB
-
MD5
2429f698cf97fe571bd6fdc423c2925c
-
SHA1
6a16632e6d5e903b94aac179a258f3ec5452881e
-
SHA256
2a51a31d68eb4fa02088756ceaff39ae3a7e78768fcc48cb9f81c67207be1d92
-
SHA512
9d351efd9ed6bfe34481ca2d23e9f482b68351900fe9c0a756b572a71c6af98c0c1633d198e45ec926ec2fa25aa3448f19f13cb2d7cf87e4203e07927f0fe5f3
-
Mirai family
-
Contacts a large (91474) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1