mirai | 0b3b6d2310ae7631c4ffbb1ee1881cc5fcd595165f7e6148775a6edf9a94b108 | Triage

Sharing

General

Target

0b3b6d2310ae7631c4ffbb1ee1881cc5fcd595165f7e6148775a6edf9a94b108.elf
Size

61KB
Sample

241214-ckqq5asqa1
MD5

9fdea899e3896993564ccac8f7dc4ce8
SHA1

464cdbf7b6a7b199ec65f2d454a7f7634ba05e64
SHA256

0b3b6d2310ae7631c4ffbb1ee1881cc5fcd595165f7e6148775a6edf9a94b108
SHA512

58c0af3f6113f2d68088ab45e78da04efa4ee6f389671dc52e953e3453f3c2a466195465bad5ffdc9b463639a0f59967aa3f79be6d548c5cd3a44ca1f8032e1f
SSDEEP

1536:q6KB5VmtO8OkJnoJkVcd5EPf7ETCQv30Jcwx7:qVB5VmttOkJoJkid5EH7EeiO7x7

Score

10^/10

mirai discovery linux

Malware Config

Targets

- Target
  
  0b3b6d2310ae7631c4ffbb1ee1881cc5fcd595165f7e6148775a6edf9a94b108.elf
- Size
  
  61KB
- MD5
  
  9fdea899e3896993564ccac8f7dc4ce8
- SHA1
  
  464cdbf7b6a7b199ec65f2d454a7f7634ba05e64
- SHA256
  
  0b3b6d2310ae7631c4ffbb1ee1881cc5fcd595165f7e6148775a6edf9a94b108
- SHA512
  
  58c0af3f6113f2d68088ab45e78da04efa4ee6f389671dc52e953e3453f3c2a466195465bad5ffdc9b463639a0f59967aa3f79be6d548c5cd3a44ca1f8032e1f
- SSDEEP
  
  1536:q6KB5VmtO8OkJnoJkVcd5EPf7ETCQv30Jcwx7:qVB5VmttOkJoJkid5EH7EeiO7x7
Score

7^/10

discovery
- Deletes itself
- Renames itself
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1