General
-
Target
botnet.arm7.elf
-
Size
61KB
-
Sample
241110-rey8ms1pbr
-
MD5
6fb2d4fb0836acd474f054fce5b6dffb
-
SHA1
a5c21d71e635cd35610d33ed8bed3ac98df98e29
-
SHA256
25587577619684afb443b3c5bd709ece4ddb012769572e76d715641e043c875b
-
SHA512
ef67a5a7c9323b5c63bee9091b5c57b69b4ecd11aa35d531fb22cc51b8bbdbd895f8bc80fcc9c3cd56d222cb9136de8618f634848b3700e08bb2883b70cfd162
-
SSDEEP
1536:7z3f9F/+WyFWXR2hyMhqMe9yCdCiMNRp13D0SOj5fic:neFo2h5hNe9yCdJMXylic
Behavioral task
behavioral1
Sample
botnet.arm7.elf
Resource
debian9-armhf-20240418-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
botnet.arm7.elf
-
Size
61KB
-
MD5
6fb2d4fb0836acd474f054fce5b6dffb
-
SHA1
a5c21d71e635cd35610d33ed8bed3ac98df98e29
-
SHA256
25587577619684afb443b3c5bd709ece4ddb012769572e76d715641e043c875b
-
SHA512
ef67a5a7c9323b5c63bee9091b5c57b69b4ecd11aa35d531fb22cc51b8bbdbd895f8bc80fcc9c3cd56d222cb9136de8618f634848b3700e08bb2883b70cfd162
-
SSDEEP
1536:7z3f9F/+WyFWXR2hyMhqMe9yCdCiMNRp13D0SOj5fic:neFo2h5hNe9yCdJMXylic
Score10/10-
Mirai family
-
Contacts a large (23832) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-