General
-
Target
394cf6ad4a71182985a3bea2bb6f973d6cf58f8ce38937ccb5b4961e00ff6233.elf
-
Size
97KB
-
Sample
241215-cmn1ba1mcx
-
MD5
ee5b1c1670093a822c8ae6669b6a3cd2
-
SHA1
48fb634d9f8de70dea6d0abbfdb7cd56ed882ee3
-
SHA256
394cf6ad4a71182985a3bea2bb6f973d6cf58f8ce38937ccb5b4961e00ff6233
-
SHA512
95604d28e5925e942adc958d23f3213a6004a8c977cc7047d7f886d122b8f80c10d02552dd88a89710e8a135a8a069cc9194aba594ce1a51cfac6b0fc8583747
-
SSDEEP
3072:E8MvUc4GvzsK2+U/MDeMC4zCMAJPFwbZnD4:E8Mfz/2+U/UvTzjCwRD4
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
394cf6ad4a71182985a3bea2bb6f973d6cf58f8ce38937ccb5b4961e00ff6233.elf
-
Size
97KB
-
MD5
ee5b1c1670093a822c8ae6669b6a3cd2
-
SHA1
48fb634d9f8de70dea6d0abbfdb7cd56ed882ee3
-
SHA256
394cf6ad4a71182985a3bea2bb6f973d6cf58f8ce38937ccb5b4961e00ff6233
-
SHA512
95604d28e5925e942adc958d23f3213a6004a8c977cc7047d7f886d122b8f80c10d02552dd88a89710e8a135a8a069cc9194aba594ce1a51cfac6b0fc8583747
-
SSDEEP
3072:E8MvUc4GvzsK2+U/MDeMC4zCMAJPFwbZnD4:E8Mfz/2+U/UvTzjCwRD4
Score9/10-
Contacts a large (23824) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1Privilege Escalation
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1