mirai | 48f4e48cc9a4233c9e4b7eae72068bdcc31f52153b15aef66ee0892473a8c8d6 | Triage

Submit
Reports

Overview

overview

Static

static

5

48f4e48cc9...d6.elf

debian-12-mipsel

Sharing

General

Target

48f4e48cc9a4233c9e4b7eae72068bdcc31f52153b15aef66ee0892473a8c8d6.elf
Size

40KB
Sample

241111-cs32es1bpa
MD5

4239c2dccee557c2625474efff327c38
SHA1

b2e9d61211476be920f33f8e881b44c608fb553c
SHA256

48f4e48cc9a4233c9e4b7eae72068bdcc31f52153b15aef66ee0892473a8c8d6
SHA512

d8b4247e3495b2e837009c2101d8792750317e949a669d1df001693b8b86fe7e806ba2b0f28b582ab4925cf598627cc1aaccd8d30f00a38c22343264756cc825
SSDEEP

768:0yracdmNJdT5Tt33ORk9K9wUb9CRmLOk75j4G/w2YlK7u/QcnAWML:0yracdqb193F6wXRmz75Mqw2MK7T

Score

10^/10

mirai mirai botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

48f4e48cc9a4233c9e4b7eae72068bdcc31f52153b15aef66ee0892473a8c8d6.elf

Resource

debian12-mipsel-20240729-en

mirai mirai botnet defense_evasion discovery

debian-12-mipsel

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  48f4e48cc9a4233c9e4b7eae72068bdcc31f52153b15aef66ee0892473a8c8d6.elf
- Size
  
  40KB
- MD5
  
  4239c2dccee557c2625474efff327c38
- SHA1
  
  b2e9d61211476be920f33f8e881b44c608fb553c
- SHA256
  
  48f4e48cc9a4233c9e4b7eae72068bdcc31f52153b15aef66ee0892473a8c8d6
- SHA512
  
  d8b4247e3495b2e837009c2101d8792750317e949a669d1df001693b8b86fe7e806ba2b0f28b582ab4925cf598627cc1aaccd8d30f00a38c22343264756cc825
- SSDEEP
  
  768:0yracdmNJdT5Tt33ORk9K9wUb9CRmLOk75j4G/w2YlK7u/QcnAWML:0yracdqb193F6wXRmz75Mqw2MK7T
Score

10^/10

mirai mirai botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (244853) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnetdefense_evasiondiscovery

© 2018-2024

Terms | Privacy