mirai | 36ebc80a54b2207b7aab6816afd82bc64c73e001a52c0f1009311bdaf1173d6d | Triage

Submit
Reports

Overview

overview

Static

static

main_mpsl.elf

debian-12-mipsel

9

Sharing

General

Target

main_mpsl.elf
Size

66KB
Sample

241206-frdxpa1qc1
MD5

56463306bc217c81a1446607d42d5be4
SHA1

2401ed5d94ca806eea81b77176e06b65f66e6c85
SHA256

36ebc80a54b2207b7aab6816afd82bc64c73e001a52c0f1009311bdaf1173d6d
SHA512

50827274f3a6f49bdc4da7058c95e8db3d160d945c766f6ade78bf1c463bdd982f641c78d423c22d51af99d83a946d08e1431d4d51ff9e15479b8ab188cb8b9d
SSDEEP

1536:4YMFVUqsunVIJMLzGvs3O1bukj6WcZVC0gr:4Qqs8VIJMLyvyWcG

Score

10^/10

mirai defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

main_mpsl.elf

Resource

debian12-mipsel-20240221-en

defense_evasion discovery

debian-12-mipsel

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  main_mpsl.elf
- Size
  
  66KB
- MD5
  
  56463306bc217c81a1446607d42d5be4
- SHA1
  
  2401ed5d94ca806eea81b77176e06b65f66e6c85
- SHA256
  
  36ebc80a54b2207b7aab6816afd82bc64c73e001a52c0f1009311bdaf1173d6d
- SHA512
  
  50827274f3a6f49bdc4da7058c95e8db3d160d945c766f6ade78bf1c463bdd982f641c78d423c22d51af99d83a946d08e1431d4d51ff9e15479b8ab188cb8b9d
- SSDEEP
  
  1536:4YMFVUqsunVIJMLzGvs3O1bukj6WcZVC0gr:4Qqs8VIJMLyvyWcG
Score

9^/10

defense_evasion discovery
- Contacts a large (166951) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy