Overview

overview

10

Static

static

10

659a3f750b...a9.elf

debian-9-armhf

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28072dae915931fce3b860dd02a617c3.bin

  • Size

    50KB

  • Sample

    241222-bg1w9axldq

  • MD5

    a9642358311d944d62ed314199bae26f

  • SHA1

    e4c455ba516e33c8b8a260b5de51d89ab8a125f1

  • SHA256

    c2f693789513699186980071c42e8aa197b9e81702ec964fc97bb6094f234493

  • SHA512

    4152f0ef5379fa15e332f9aa345d0a2db3bad9eec2a45141cc8b8079f189f3e368fc580324d820c7ee2525f6f8a416206eb7af6bc9e09f40f2f976b232c2cc99

  • SSDEEP

    1536:bxFvYkOE63DvgsCQbV8NDiL9Ka8sM0eMLa:bxFvV6zMTDis9Ma

Score
10/10
miraibotnetdiscovery

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      659a3f750bf48969cceb9a870716b5eb461e94b89ea7d447ac1ee65468b682a9.elf

    • Size

      96KB

    • MD5

      28072dae915931fce3b860dd02a617c3

    • SHA1

      f78ce189ed76ad82d2e8faabef7f9358fd246454

    • SHA256

      659a3f750bf48969cceb9a870716b5eb461e94b89ea7d447ac1ee65468b682a9

    • SHA512

      184fd4dfd7cc0fb3bac71dee15ab50a266dfa730e8bbf531c67037e5381ec512049f7e05d1c7f843fce608f7fcc35e0b39eb57a612e59ef73ced34bade201466

    • SSDEEP

      3072:i3VjdYsCmHubaQZ264gwrTye/7j8qvczh6H0:i3L7abaQZ264geTj7Yq66H0

    Score
    9/10
    discovery

    • Contacts a large (293077) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks