mirai | 7958027a7838046cd8156febeb0ef9cd9bac840a4f1e07d51f9182890ef3c6b6 | Triage

Sharing

General

Target

7958027a7838046cd8156febeb0ef9cd9bac840a4f1e07d51f9182890ef3c6b6.elf
Size

42KB
Sample

241216-cvpxksyqew
MD5

a4b11a22fa434bce0d2e95f30b2b263e
SHA1

6d142c5c0a1abc9f0531ef1572d2bc5f3d228afe
SHA256

7958027a7838046cd8156febeb0ef9cd9bac840a4f1e07d51f9182890ef3c6b6
SHA512

664211c3399f5a312846003461c6750f8502042a54e884b668023af03b20964dc25b9a8c5d2bac41c45f16c41ba9462b96b847430b02fec2a8ab0f4261d2907b
SSDEEP

768:LLJQIFlE0oYlMhkczSDizYJxOF5ofBrGMBZkgNJrXzyn0OHTw2BQ:hjWhDSmzYJgFKBrXBZkgNJr6XbB

Score

10^/10

mirai botnet defense_evasion discovery linux

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  7958027a7838046cd8156febeb0ef9cd9bac840a4f1e07d51f9182890ef3c6b6.elf
- Size
  
  42KB
- MD5
  
  a4b11a22fa434bce0d2e95f30b2b263e
- SHA1
  
  6d142c5c0a1abc9f0531ef1572d2bc5f3d228afe
- SHA256
  
  7958027a7838046cd8156febeb0ef9cd9bac840a4f1e07d51f9182890ef3c6b6
- SHA512
  
  664211c3399f5a312846003461c6750f8502042a54e884b668023af03b20964dc25b9a8c5d2bac41c45f16c41ba9462b96b847430b02fec2a8ab0f4261d2907b
- SSDEEP
  
  768:LLJQIFlE0oYlMhkczSDizYJxOF5ofBrGMBZkgNJrXzyn0OHTw2BQ:hjWhDSmzYJgFKBrXBZkgNJr6XbB
Score

9^/10

defense_evasion discovery
- Contacts a large (573377) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery