Overview

overview

10

Static

static

1

f5ea79726e...434.sh

ubuntu-18.04-amd64

10

f5ea79726e...434.sh

debian-9-armhf

10

f5ea79726e...434.sh

debian-9-mips

10

f5ea79726e...434.sh

debian-9-mipsel

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5ea79726e3485665232f39e014dc4c3a10f3bd18f9d266f63bf389594432434.sh

  • Size

    2KB

  • Sample

    241209-djm5aaynav

  • MD5

    866012827aa55f2abaae5a628471b831

  • SHA1

    bac2d7b6e032dfdd7fbf14367614b39b6767fd7a

  • SHA256

    f5ea79726e3485665232f39e014dc4c3a10f3bd18f9d266f63bf389594432434

  • SHA512

    a6546a4d33d5a6dd9a10a95eea3a2fb795c287486b232fc4c7e007cfd90d17c600173abb0a6d444c8920c35cf477836f2d4294744295916b141fa5efaa8d20d3

Score
10/10
miraiantivmbotnetdefense_evasiondiscoverylinux

Malware Config

Targets

    • Target

      f5ea79726e3485665232f39e014dc4c3a10f3bd18f9d266f63bf389594432434.sh

    • Size

      2KB

    • MD5

      866012827aa55f2abaae5a628471b831

    • SHA1

      bac2d7b6e032dfdd7fbf14367614b39b6767fd7a

    • SHA256

      f5ea79726e3485665232f39e014dc4c3a10f3bd18f9d266f63bf389594432434

    • SHA512

      a6546a4d33d5a6dd9a10a95eea3a2fb795c287486b232fc4c7e007cfd90d17c600173abb0a6d444c8920c35cf477836f2d4294744295916b141fa5efaa8d20d3

    Score
    10/10
    miraibotnetdefense_evasiondiscoveryantivm

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

      botnetmirai

    • Mirai family

      mirai

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Deletes itself

    • Executes dropped EXE

    • Traces itself

      Traces itself to prevent debugging attempts

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks