mirai | cb79ac091b817342d2c9f4061588360d7be2dd0771910054e7d1b45aca940aa7 | Triage

Sharing

General

Target

arm6.elf
Size

45KB
Sample

241215-x5gzyatpdw
MD5

fef73963d4087fd2da9abc5501e8f9b8
SHA1

502acae3bda35629e1ced3de6c0cca16fe98c07d
SHA256

cb79ac091b817342d2c9f4061588360d7be2dd0771910054e7d1b45aca940aa7
SHA512

d44a6dc1b19748ac3071db4fefabb701f64c23566eed4e7bc9dccdde2c8523f3b30986fede4652d225a3396cea24ee505f8e26935fb2865e16bb304abc1ca31c
SSDEEP

768:wZn5zr/7tUFkLuQQtEXLLFTV71NY+FEC9QnsOzU+fumpUisIbSNiykofoHgOIlhi:wZnZ7tUKL3QtSXRV71NYSEwQsOzLPiIz

Score

10^/10

mirai defense_evasion discovery

Malware Config

Targets

- Target
  
  arm6.elf
- Size
  
  45KB
- MD5
  
  fef73963d4087fd2da9abc5501e8f9b8
- SHA1
  
  502acae3bda35629e1ced3de6c0cca16fe98c07d
- SHA256
  
  cb79ac091b817342d2c9f4061588360d7be2dd0771910054e7d1b45aca940aa7
- SHA512
  
  d44a6dc1b19748ac3071db4fefabb701f64c23566eed4e7bc9dccdde2c8523f3b30986fede4652d225a3396cea24ee505f8e26935fb2865e16bb304abc1ca31c
- SSDEEP
  
  768:wZn5zr/7tUFkLuQQtEXLLFTV71NY+FEC9QnsOzU+fumpUisIbSNiykofoHgOIlhi:wZnZ7tUKL3QtSXRV71NYSEwQsOzLPiIz
Score

9^/10

defense_evasion discovery
- Contacts a large (74982) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery