General

  • Target

    x86.elf

  • Size

    62KB

  • Sample

    241203-1w7e1ssjhl

  • MD5

    6270c32abec4811eac225d85d0970fac

  • SHA1

    7fd15114c7ecdd3a0322263794846196c2e40e5d

  • SHA256

    b107d6730941c0090b2c61cf0a1ecdbd8d7f58d941c46c6d28120a7c14e6e16c

  • SHA512

    486b03ea0cf6c34dba26fdaeb2e6699779901bbcdeef8df51e80968ae0d40bf1562a84e315c7b2c783b740ffee47f9adb142c22d510a27fc736dcb9699b9879c

  • SSDEEP

    1536:CuQtv+dR0I0GJ7m6Ba6kt9S6G3jO/Yh+NIuN3:CuQv+dRI+Sga3DpGCQCI

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    UNSTABLE

  • C2

    scamanje.stresserit.pro

Targets

    • Target

      x86.elf

    Score: 9/10

    • Contacts a large (148470) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence
