Overview

overview

10

Static

static

1

5a6cf71d1c...b04.sh

ubuntu-18.04-amd64

10

5a6cf71d1c...b04.sh

debian-9-armhf

10

5a6cf71d1c...b04.sh

debian-9-mips

10

5a6cf71d1c...b04.sh

debian-9-mipsel

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a6cf71d1c00b9f6b945288379aa5b4618c42499a68935689a066a53f6d3fb04.sh

  • Size

    712B

  • Sample

    241216-cqyzpaynds

  • MD5

    2f29393f01fcaee126bc912e142c2ba1

  • SHA1

    a222a1d5330cc606fdcef95a469ae21db1cb8c6b

  • SHA256

    5a6cf71d1c00b9f6b945288379aa5b4618c42499a68935689a066a53f6d3fb04

  • SHA512

    18f49377380b5e58f38b589506858c6f140f5f303e481150d0f6600d2e13a294a9f03223580de902209de75f0f20efa5c05d63dd05396ee3c3c2534160b803f1

Score
10/10
miraibotnetdefense_evasiondiscoverylinux

Malware Config

Extracted

Family

mirai

C2

t.hxhk.cc

Extracted

Family

mirai

C2

t.hxhk.cc

Extracted

Family

mirai

C2

t.hxhk.cc

Extracted

Family

mirai

C2

t.hxhk.cc

Targets

    • Target

      5a6cf71d1c00b9f6b945288379aa5b4618c42499a68935689a066a53f6d3fb04.sh

    • Size

      712B

    • MD5

      2f29393f01fcaee126bc912e142c2ba1

    • SHA1

      a222a1d5330cc606fdcef95a469ae21db1cb8c6b

    • SHA256

      5a6cf71d1c00b9f6b945288379aa5b4618c42499a68935689a066a53f6d3fb04

    • SHA512

      18f49377380b5e58f38b589506858c6f140f5f303e481150d0f6600d2e13a294a9f03223580de902209de75f0f20efa5c05d63dd05396ee3c3c2534160b803f1

    Score
    10/10
    miraibotnetdefense_evasiondiscovery

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

      botnetmirai

    • Mirai family

      mirai

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Deletes itself

    • Executes dropped EXE

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks