General

  • Target

    nshmips.elf

  • Size

    95KB

  • Sample

    241221-qv8lks1jcr

  • MD5

    5f9077245a8bd881f4a484ede89d6e4d

  • SHA1

    ad002c54c920ba8a336e41dd6638b9ed6bc13f62

  • SHA256

    875ec9e70673f8049e02d6d061e6bec597dbe68ccb31cfdaad54d2c05b6d1c7b

  • SHA512

    2140fad63ffffef28c978d74a6414f776b9ecd0d199502f533f081c5d4a4666cd90f8acbc501ba626d084bc1c8ac15671487e5b855546553b9f4fedf8d465cbd

  • SSDEEP

    1536:NO7ijkRfjMudJkVlFCxFCSiCJ6TPPb/0ggyTjhnnVQ6e9P0DRdz3u:HYyuIVB70KTjhnVQ8Rdz3u

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      nshmips.elf

    Score
    9/10

    • Contacts a large (116115) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
