General

  • Target

    wget.sh

  • Size

    676B

  • Sample

    241218-qk4jwazqb1

  • MD5

    5b3ceaec7a3ad11b45f5fca1b603d939

  • SHA1

    5e5ee3fa232288f77e670c66d8ca42c0cc171e45

  • SHA256

    bb30e07b49a7b5879ee19bcd3beeab6e70ec1451833782537622e6a4b31838fa

  • SHA512

    47efd53dd2696243413fe686c9eeaccf6a0ac07afe72674bd27ee5f6583c45734295941e0540e63c0dd29e2e8f57a1638c4d3de02f7412d71005accb52dfe215

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

boats.dogmuncher.xyz

89.190.156.145

Extracted

Family

mirai

Botnet

BOTNET

C2

89.190.156.145

boats.dogmuncher.xyz

Extracted

Family

mirai

C2

89.190.156.1

89.190.156.145

Targets

    • Target

      wget.sh

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Deletes itself

    • Executes dropped EXE

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
