mirai | c551c9b232e01e120cea46d2276f3f92d5cfd492596eebf73fc6db9be119f27b | Triage

Sharing

General

Target

c551c9b232e01e120cea46d2276f3f92d5cfd492596eebf73fc6db9be119f27b.elf
Size

185KB
Sample

241211-dzjf2ayndk
MD5

0803a1adcda8496063056fff664b52c5
SHA1

9360e5aaf48c5ca30d19758ed84fb080720a0825
SHA256

c551c9b232e01e120cea46d2276f3f92d5cfd492596eebf73fc6db9be119f27b
SHA512

200cc962430df1ae704dd0199ea426a9ea6fb36e16283194c07f1a75e4f778e74a92a8469a5166a80d082c10f4f2c523acb99c265e86e8823b1ec71164aeb7bd
SSDEEP

3072:aCwnsURFvwaN2q2PxGREb4cywoNKcayU9HlSgu4+wbZno:aC0tmbPkSb4cnoNKuU9HlPu/wRo

Score

10^/10

mirai mirai defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  c551c9b232e01e120cea46d2276f3f92d5cfd492596eebf73fc6db9be119f27b.elf
- Size
  
  185KB
- MD5
  
  0803a1adcda8496063056fff664b52c5
- SHA1
  
  9360e5aaf48c5ca30d19758ed84fb080720a0825
- SHA256
  
  c551c9b232e01e120cea46d2276f3f92d5cfd492596eebf73fc6db9be119f27b
- SHA512
  
  200cc962430df1ae704dd0199ea426a9ea6fb36e16283194c07f1a75e4f778e74a92a8469a5166a80d082c10f4f2c523acb99c265e86e8823b1ec71164aeb7bd
- SSDEEP
  
  3072:aCwnsURFvwaN2q2PxGREb4cywoNKcayU9HlSgu4+wbZno:aC0tmbPkSb4cnoNKuU9HlPu/wRo
Score

9^/10

defense_evasion discovery
- Contacts a large (118125) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery