Overview

overview

10

Static

static

10

nshkmips.elf

debian-9-mips

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    nshkmips.elf

  • Size

    91KB

  • Sample

    241221-tqsakssne1

  • MD5

    3e28033a1dd0ba3934530dd900d53456

  • SHA1

    ef4666b2655feade63925a546f2fc9e2a86269d7

  • SHA256

    4293af8935a04810c1a0edf22120d6780b8fc31cb9ed0e1ba6306fdff15e03c9

  • SHA512

    73c5b7ef016a91bd7bef7e051e21c580fb6831bf621530b1a24bf1a3b095127d61b6290e791835caf7ac2cf0f733c4460781b6b1040cea1558f24e0385ff0de4

  • SSDEEP

    1536:w4PToD4rofjA/CFEsQ3HZW6ZWmuW5SU/WFfqLMxYkGCC0yxe3xKTRh5zCQ:wGXx/CbQ3HSqkYkGC3yJFh5zCQ

Score
10/10
miraibotnetdiscovery

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      nshkmips.elf

    • Size

      91KB

    • MD5

      3e28033a1dd0ba3934530dd900d53456

    • SHA1

      ef4666b2655feade63925a546f2fc9e2a86269d7

    • SHA256

      4293af8935a04810c1a0edf22120d6780b8fc31cb9ed0e1ba6306fdff15e03c9

    • SHA512

      73c5b7ef016a91bd7bef7e051e21c580fb6831bf621530b1a24bf1a3b095127d61b6290e791835caf7ac2cf0f733c4460781b6b1040cea1558f24e0385ff0de4

    • SSDEEP

      1536:w4PToD4rofjA/CFEsQ3HZW6ZWmuW5SU/WFfqLMxYkGCC0yxe3xKTRh5zCQ:wGXx/CbQ3HSqkYkGC3yJFh5zCQ

    Score
    9/10
    discovery

    • Contacts a large (151942) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks