General

  • Target

    x86.elf

  • Size

    70KB

  • Sample

    241219-ta25vavlfv

  • MD5

    d027117b5c35d44021ac6d93a2aeb233

  • SHA1

    f7252bfd477e683caf1d8274b79835b94b600480

  • SHA256

    9fe384f7e5c09dc9902d1500dcdd5f0edc7f484970bb2877a523e6bd4fc67401

  • SHA512

    54ebf24784c168bb83268496eb7b942e3b2936ab87f45dbcbd5469170328bf7e8f6833d317ea41aa9372b59e3b94c95932656713df4f5276ec15879744a72434

  • SSDEEP

    1536:u+rUM2UJcckdqjYp0S5YX+WwIzBvDJHXtMlKEpzcR4lp4vKop4HpFPCD:BrUvUJcckdqjYprYXaMBvDJHXhgcKlp8

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    OWARI

Targets

    • Target

      x86.elf

    Score
    9/10
    • Contacts a large (49346) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence
