mirai | d19dfc72091073fab62b73a5d1278140d81ab06e3e9350d465d0d15ab5d4ac86 | Triage

Submit
Reports

Overview

overview

Static

static

jew.mips.elf

debian-9-mips

9

Sharing

General

Target

jew.mips.elf
Size

125KB
Sample

241209-epmw5szja1
MD5

2f942e3a7e46f280f8798d9c810b9d40
SHA1

ea78b29d0683166da777c5ba687866bd32f3f3b4
SHA256

d19dfc72091073fab62b73a5d1278140d81ab06e3e9350d465d0d15ab5d4ac86
SHA512

e5a7d78c0a7bced25e2ee8b07fabd94fd021578dbdceef97b0bf442b034837ad0f187dfa85a094f8d92ef028af323857f9adc32c0fb50eed8be44fef061dff68
SSDEEP

3072:k9CY3nsXRx2+hgnSXsxVLdEgrUpziNn3Ik8LINFb1lNWYB:k9CY3nsXRx2+hrXsxVLdEgrUrWFb1lNL

Score

10^/10

mirai kurc defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

jew.mips.elf

Resource

debian9-mipsbe-20240611-en

defense_evasion discovery

debian-9-mips

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

KURC

Targets

- Target
  
  jew.mips.elf
- Size
  
  125KB
- MD5
  
  2f942e3a7e46f280f8798d9c810b9d40
- SHA1
  
  ea78b29d0683166da777c5ba687866bd32f3f3b4
- SHA256
  
  d19dfc72091073fab62b73a5d1278140d81ab06e3e9350d465d0d15ab5d4ac86
- SHA512
  
  e5a7d78c0a7bced25e2ee8b07fabd94fd021578dbdceef97b0bf442b034837ad0f187dfa85a094f8d92ef028af323857f9adc32c0fb50eed8be44fef061dff68
- SSDEEP
  
  3072:k9CY3nsXRx2+hgnSXsxVLdEgrUpziNn3Ik8LINFb1lNWYB:k9CY3nsXRx2+hrXsxVLdEgrUrWFb1lNL
Score

9^/10

defense_evasion discovery
- Contacts a large (109472) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy