mirai | 4226e8f124d1a002429cc2649564a8f379b99182b9875b3402dcc2a25f53186c | Triage

Submit
Reports

Overview

overview

Static

static

e4f3941ffe...kes118

ubuntu-22.04-amd64

9

Sharing

General

Target

e4f3941ffec19145281f6944a410e0bf_JaffaCakes118
Size

44KB
Sample

241212-gdxy3swqhq
MD5

e4f3941ffec19145281f6944a410e0bf
SHA1

96c903a86f916ae5df7b94799fc07f10bf676a01
SHA256

4226e8f124d1a002429cc2649564a8f379b99182b9875b3402dcc2a25f53186c
SHA512

d0e748960ec3bee08c3a922998fb58bd776a8f3812b4f920bc45b59e28151f356d9af4dcd4ffd22409a9ff8917c9f476c5d1bfc327922923bbc19dd5bf879e64
SSDEEP

768:+Xrz1T71Ns/1TMQaxUsHMh0Z5SyhjEwSqku0Zlv6:+7J31NG+HY0Z5lFEwS1uYlv

Score

10^/10

mirai horizon defense_evasion discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e4f3941ffec19145281f6944a410e0bf_JaffaCakes118

Resource

ubuntu2204-amd64-20240611-en

defense_evasion discovery

ubuntu-22.04-amd64

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

HORIZON

C2

cnc.monkesec.xyz

scan.monkesec.xyz

Targets

- Target
  
  e4f3941ffec19145281f6944a410e0bf_JaffaCakes118
- Size
  
  44KB
- MD5
  
  e4f3941ffec19145281f6944a410e0bf
- SHA1
  
  96c903a86f916ae5df7b94799fc07f10bf676a01
- SHA256
  
  4226e8f124d1a002429cc2649564a8f379b99182b9875b3402dcc2a25f53186c
- SHA512
  
  d0e748960ec3bee08c3a922998fb58bd776a8f3812b4f920bc45b59e28151f356d9af4dcd4ffd22409a9ff8917c9f476c5d1bfc327922923bbc19dd5bf879e64
- SSDEEP
  
  768:+Xrz1T71Ns/1TMQaxUsHMh0Z5SyhjEwSqku0Zlv6:+7J31NG+HY0Z5lFEwS1uYlv
Score

9^/10

defense_evasion discovery
- Contacts a large (57957) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy