General
-
Target
19dec39778829e777ceb0ba83821dbb01a3bbd8a6b20f6f0fc9df1991677723d.elf
-
Size
94KB
-
Sample
241211-cnxc3s1lbs
-
MD5
4c011892b80ae149c344460edabaad89
-
SHA1
0a9338bedf585b4a9042edd95c7f68e755383cab
-
SHA256
19dec39778829e777ceb0ba83821dbb01a3bbd8a6b20f6f0fc9df1991677723d
-
SHA512
f90166b4752045be2aedde82f0664f4f905333432a39edabee76c68f31d53f5f2c26207d4d7ac3f0c1ae8acf98e58cc1e1595522e4ffc6f8196f37b9cbaa019f
-
SSDEEP
1536:tChrBm+ncC9sSN7hEKI5ZDA1JSFIFeSAZB4tTHBpVwbZnbJR:tyBmxCVFrSF0eXy3VwbZnbJ
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
19dec39778829e777ceb0ba83821dbb01a3bbd8a6b20f6f0fc9df1991677723d.elf
-
Size
94KB
-
MD5
4c011892b80ae149c344460edabaad89
-
SHA1
0a9338bedf585b4a9042edd95c7f68e755383cab
-
SHA256
19dec39778829e777ceb0ba83821dbb01a3bbd8a6b20f6f0fc9df1991677723d
-
SHA512
f90166b4752045be2aedde82f0664f4f905333432a39edabee76c68f31d53f5f2c26207d4d7ac3f0c1ae8acf98e58cc1e1595522e4ffc6f8196f37b9cbaa019f
-
SSDEEP
1536:tChrBm+ncC9sSN7hEKI5ZDA1JSFIFeSAZB4tTHBpVwbZnbJR:tyBmxCVFrSF0eXy3VwbZnbJ
Score9/10-
Contacts a large (23190) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1Privilege Escalation
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1