mirai | ff3b43f66762a8b39fe29e4a99079f6086a9963015140775aa3ac5fe427ec558 | Triage

Submit
Reports

Overview

overview

Static

static

b3astmode.arm5.elf

debian-9-armhf

9

Sharing

General

Target

b3astmode.arm5.elf
Size

49KB
Sample

241213-aasfvssjew
MD5

d585800f95f4f716d9faf633ebaa9433
SHA1

ddf0a2bf2db94565ff0195178c35464c461bba26
SHA256

ff3b43f66762a8b39fe29e4a99079f6086a9963015140775aa3ac5fe427ec558
SHA512

af4c64a694d237e9994abaae75a5444050bbf87726b0d0025bdbcc94ce307b785ff93d79504069b390e51583db7fbc1735d164254bc3822b33154b96f6b94122
SSDEEP

1536:YJC99wkrPYGtZo4i6E7HrbH+AbWmr+F4j2a:YJCbmNdX

Score

10^/10

mirai unst defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b3astmode.arm5.elf

Resource

debian9-armhf-20240611-en

defense_evasion discovery

debian-9-armhf

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNST

Targets

- Target
  
  b3astmode.arm5.elf
- Size
  
  49KB
- MD5
  
  d585800f95f4f716d9faf633ebaa9433
- SHA1
  
  ddf0a2bf2db94565ff0195178c35464c461bba26
- SHA256
  
  ff3b43f66762a8b39fe29e4a99079f6086a9963015140775aa3ac5fe427ec558
- SHA512
  
  af4c64a694d237e9994abaae75a5444050bbf87726b0d0025bdbcc94ce307b785ff93d79504069b390e51583db7fbc1735d164254bc3822b33154b96f6b94122
- SSDEEP
  
  1536:YJC99wkrPYGtZo4i6E7HrbH+AbWmr+F4j2a:YJCbmNdX
Score

9^/10

defense_evasion discovery
- Contacts a large (67659) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy