General

  • Target

    a41620a962349468235a9c697a0e3b4b54de42eb5a5982b5a0409de23323e3c6.elf

  • Size

    97KB

  • Sample

    241221-dd5r5s1kdy

  • MD5

    7759f88a6d79ba60e9a232a8952821f1

  • SHA1

    8fd487ed8009478c6955b0a9c4b547ba63727c24

  • SHA256

    a41620a962349468235a9c697a0e3b4b54de42eb5a5982b5a0409de23323e3c6

  • SHA512

    e3a8784ad628c8fa95e95a97b5b2a09182ed91afd051546bbfd54578d6cb6a29f7d0aab9d53be17040913d8ffc7802a30f80172a9bb86949c026ec7736dd9749

  • SSDEEP

    3072:GKsAW3h8xjDI0taCqGwapyAuKltAJzL7azhHH:GKSRPsaCqGwapPu8AhLIHH

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      a41620a962349468235a9c697a0e3b4b54de42eb5a5982b5a0409de23323e3c6.elf

    Score
    9/10
    • Contacts a large (288339) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
