General
-
Target
f58a0e90af9096b654bc8c021b5aaf98c786e60213c50d68315e8811808dada4.elf
-
Size
157KB
-
Sample
241211-ect5pazlcj
-
MD5
85e3b246f03d8db6a1817b5890a3354c
-
SHA1
78c23c62052dc6c2a09a98acaec9a3031738479e
-
SHA256
f58a0e90af9096b654bc8c021b5aaf98c786e60213c50d68315e8811808dada4
-
SHA512
11b4c9af882e9ef6db2283a5495d8ca00a5518d85920133c651ca34ca1e37c45d0bcd76cc56a7704afe92fd119a8e3c722120b191f47083a90fbfa677e2b7b30
-
SSDEEP
3072:rJB6Sx3xRa1ZNPCBvkk0UZpLxbw5vwbZn5qO6pRM/9Zwke:9AuhRa1ZNPCBmUZfIwR5qO6LM/9Zwke
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
f58a0e90af9096b654bc8c021b5aaf98c786e60213c50d68315e8811808dada4.elf
-
Size
157KB
-
MD5
85e3b246f03d8db6a1817b5890a3354c
-
SHA1
78c23c62052dc6c2a09a98acaec9a3031738479e
-
SHA256
f58a0e90af9096b654bc8c021b5aaf98c786e60213c50d68315e8811808dada4
-
SHA512
11b4c9af882e9ef6db2283a5495d8ca00a5518d85920133c651ca34ca1e37c45d0bcd76cc56a7704afe92fd119a8e3c722120b191f47083a90fbfa677e2b7b30
-
SSDEEP
3072:rJB6Sx3xRa1ZNPCBvkk0UZpLxbw5vwbZn5qO6pRM/9Zwke:9AuhRa1ZNPCBmUZfIwR5qO6LM/9Zwke
Score9/10-
Contacts a large (23051) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1Privilege Escalation
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1