mirai | 46419a2a90c5e8bc00ba3ba3e09c5271ea70945a778702e15f9f832e34aefda6 | Triage

Sharing

General

Target

bb446b6ba8a21b846dbb42661d3adedc.bin
Size

26KB
Sample

241217-b57ppsxmfp
MD5

55b7f1be1a4b6bbfa2b647ebdce8960b
SHA1

ef55c884b63714835f1c0e9520c36689d76a5a09
SHA256

46419a2a90c5e8bc00ba3ba3e09c5271ea70945a778702e15f9f832e34aefda6
SHA512

22006927ec3184b9e200e0c7ee55ef8b2ab549fe4d05c4cfee58d30dd2774d6e9dbf163dded9a2e66ac625b5b31c7607a69fbbcfc5e46d63b01a2447ebfc85e5
SSDEEP

768:7I2wIkd7/bY+BD2gSEnbp/d2WKGxjIY2mRo8f9:0TFJ/bY+BD57bxd2WKG+il

Score

10^/10

mirai defense_evasion discovery

Malware Config

Targets

- Target
  
  0c354ebbe4584e62c4bae62dcbca7e100993a1741aab7f2220d360b1a4139c2b.elf
- Size
  
  66KB
- MD5
  
  bb446b6ba8a21b846dbb42661d3adedc
- SHA1
  
  afb017f2ae2d4e0eab102d82b4ef4f0961cd0493
- SHA256
  
  0c354ebbe4584e62c4bae62dcbca7e100993a1741aab7f2220d360b1a4139c2b
- SHA512
  
  cb0633d7f7ad42b5595ade06938533467029c21a6ffd899c20b54bf044e7613dbc610a6a98f37169f66e7684a5cfcbb1cdc26dc4f06970041f16dd25e75c51c4
- SSDEEP
  
  768:ZaR/gw064+ZSYd4hcfZ2uAHvkTby8YD5PYt0vt/3wyENuwn9nDZnananBKj0KzcV:tYkE0uA4byxYW9cCQKDLt9aFQXVdmWk
Score

9^/10

defense_evasion discovery
- Contacts a large (544145) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery