General

  • Target

    hax.mips

  • Size

    70KB

  • Sample

    241210-vw8eeswmhk

  • MD5

    8a7160ddc5859965e6089527ddb8fd88

  • SHA1

    d3a023dee992d4c81226337ee556f35b2b46a0ee

  • SHA256

    4bf120c03a96b22d633ab5c4b1637b5f41ddf217b307327113fc779100f239de

  • SHA512

    55d9721211760280a3da26c390b1e91a4e8e792d1e61442583de21aba266eef4e01781a01e612c02dd22c4590610c11a8084e115342b32ef261ee6323f0d3e84

  • SSDEEP

    1536:mpDloH2SOP/AVDhl0dM+BYECY+uRSmSprlhYgL9ahy:mpDGHHTVP0dM+8WCprlhtZB

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Targets

    • Target

      hax.mips

    Score
    9/10
    • Contacts a large (58571) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.
