General

  • Target

    nshkarm7.elf

  • Size

    96KB

  • Sample

    241221-zjn78szjfq

  • MD5

    3787a29f90ccc08e39a8e957be61d9aa

  • SHA1

    6c0c1e80795b8ea76ccf09452120eb801cd1ab55

  • SHA256

    60e8fe252180f6eed332b8722e756557d765ab99f9d89079138ff6953d2f23cb

  • SHA512

    8cbb3bfbbc26163eade960948d2bf9faa0522d3276651dc8e2d411c7cfe1aca7fda1ca612f2996544db7820cbc1c95fe0f6299fc876aa94c91056d40f1ef2aa7

  • SSDEEP

    3072:C3VjdYsCmHubaQZ264gwrTye/7j8qvczh6H0:C3L7abaQZ264geTj7Yq66H0

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      nshkarm7.elf

    Score
    9/10
    • Contacts a large (280820) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
