General
-
Target
802ce8e51228bd78a395438d2bc80ba5fb3103e74d617d58b879c5fd4d68edcf.elf
-
Size
99KB
-
Sample
241216-cxjtcayrds
-
MD5
d49268df55938edc2dc546319dc100e5
-
SHA1
4c4fc8c97b4da067388dfb234238cbd52e85c38c
-
SHA256
802ce8e51228bd78a395438d2bc80ba5fb3103e74d617d58b879c5fd4d68edcf
-
SHA512
a0b4c435d2600f7bf5e8ec273620b7290c78c218f852723e6ca4abdd046486645585270ffc6a4df04840a5d518e22332bf8848fa7c0f3b65eb103bae415d5e76
-
SSDEEP
3072:VlFuYChcmiy2yCSpIaQmTfYJBwbZnblP:VlFuYVmijyCSpIaQmTfAwRbx
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
802ce8e51228bd78a395438d2bc80ba5fb3103e74d617d58b879c5fd4d68edcf.elf
-
Size
99KB
-
MD5
d49268df55938edc2dc546319dc100e5
-
SHA1
4c4fc8c97b4da067388dfb234238cbd52e85c38c
-
SHA256
802ce8e51228bd78a395438d2bc80ba5fb3103e74d617d58b879c5fd4d68edcf
-
SHA512
a0b4c435d2600f7bf5e8ec273620b7290c78c218f852723e6ca4abdd046486645585270ffc6a4df04840a5d518e22332bf8848fa7c0f3b65eb103bae415d5e76
-
SSDEEP
3072:VlFuYChcmiy2yCSpIaQmTfYJBwbZnblP:VlFuYVmijyCSpIaQmTfAwRbx
Score9/10-
Contacts a large (23351) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1Privilege Escalation
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1