mirai | c9c219a8c84a6f4a4d2c6b2daab81dfec2d1de4dfe12649c25b3b2be73589f1e | Triage

Submit
Reports

Overview

overview

Static

static

5

c9c219a8c8...1e.elf

debian-9-mipsel

Sharing

General

Target

c9c219a8c84a6f4a4d2c6b2daab81dfec2d1de4dfe12649c25b3b2be73589f1e.elf
Size

37KB
Sample

241114-dmv93axlfn
MD5

9f283a66e6aa73b192d236fb6c16cf51
SHA1

4079022688540bd661f8d3246be685cf8f652c3b
SHA256

c9c219a8c84a6f4a4d2c6b2daab81dfec2d1de4dfe12649c25b3b2be73589f1e
SHA512

fee1659c1bd5befdaeb3c34a241d6f1cdcfefeaee9f3e06d77fae24ebbb23f79cf2b9d9d6c9ced7b32c95058c5142498ad896bf75701e46207bad00de18ac157
SSDEEP

768:TghW5vB2zC1sX2v5WkybCQCBcqL4szKtRS6RaWbTJo+YEHhWMVK:Uo58CTvrsCGYKtRSGaWbloWHK

Score

10^/10

mirai mirai botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c9c219a8c84a6f4a4d2c6b2daab81dfec2d1de4dfe12649c25b3b2be73589f1e.elf

Resource

debian9-mipsel-20240611-en

mirai mirai botnet defense_evasion discovery

debian-9-mipsel

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  c9c219a8c84a6f4a4d2c6b2daab81dfec2d1de4dfe12649c25b3b2be73589f1e.elf
- Size
  
  37KB
- MD5
  
  9f283a66e6aa73b192d236fb6c16cf51
- SHA1
  
  4079022688540bd661f8d3246be685cf8f652c3b
- SHA256
  
  c9c219a8c84a6f4a4d2c6b2daab81dfec2d1de4dfe12649c25b3b2be73589f1e
- SHA512
  
  fee1659c1bd5befdaeb3c34a241d6f1cdcfefeaee9f3e06d77fae24ebbb23f79cf2b9d9d6c9ced7b32c95058c5142498ad896bf75701e46207bad00de18ac157
- SSDEEP
  
  768:TghW5vB2zC1sX2v5WkybCQCBcqL4szKtRS6RaWbTJo+YEHhWMVK:Uo58CTvrsCGYKtRSGaWbloWHK
Score

10^/10

mirai mirai botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (19672) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnetdefense_evasiondiscovery

© 2018-2024

Terms | Privacy