General

  • Target

    hax.x86.elf

  • Size

    48KB

  • Sample

    241210-vxj38awnam

  • MD5

    e0cfc03055c966a48ae98ecbf72a53fb

  • SHA1

    2dbd50296689603849e4cbb7518ac764b0a6f04c

  • SHA256

    c9d835c42e386c9ac2c3803b1bbef7b249550f7b4eed722bca6ab9ffec1ddd00

  • SHA512

    2687e3ee0b11a4bf4e02c2dcf33a331d52d6284f0434ce0592619708a6be0a258d19a6c006055d1bb24d990d91356bc5c229932db01b56ea0dd8d1248ef79668

  • SSDEEP

    1536:sNPiSW9bDsdy1oeD3LEtFHwSjFLxwFCLgoE:DSWxYdy1oeD3LqFHHFxwuB

Malware Config

Extracted

Family

mirai

Botnet

SORA

Targets

    • Target

      hax.x86.elf

    Score
    9/10
    • Contacts a large (96085) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
