General

  • Target

    23a0598f20eedd3be23be91892dea3a7.bin

  • Size

    36KB

  • Sample

    241223-bdlm6atkaq

  • MD5

    e5b2509459b18c2716cf597ebdc358b5

  • SHA1

    2b951079923c4b78722b4e1c73fe4b2c0d05782a

  • SHA256

    4ad5c05cb4030d221e8251bb6212329fb6ecb0ea97d03e3a1817babb60c30b32

  • SHA512

    d9a6510127bb6f61fd5e84f5947f5209def43538f98317e75b254cef635cf77fd52844d1c0adc930b5c6ed31fdb39fff096c409f619c5e4cf5018f69dac3f6c9

  • SSDEEP

    768:Ugc/mY7LAFvgwETBk3us/tSzsqvjx59lsYFn+hORER7erNv2p2HzFy9nb:Ugc/mY7LAos/tS7jx3l5RORwNepgg1

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      874a3ac4fd35321b47b7c4f6a3de963f239ef599fca5e4ee0fbda832b2ade89c.elf

    • Size

      83KB

    • MD5

      23a0598f20eedd3be23be91892dea3a7

    • SHA1

      337b56ae51839bfbf6c2c5ed7556b5f6569bdd77

    • SHA256

      874a3ac4fd35321b47b7c4f6a3de963f239ef599fca5e4ee0fbda832b2ade89c

    • SHA512

      ad6618896630a3f3c767a9b0b87f9dcd15a51a81ea90214ee6c0783ec60e8f9db2f1f644854b6e8a7280ad670fad923e6241465c6904f2cbd4219e0e6dc88afa

    • SSDEEP

      1536:gjEoAtpCXtKitKzVKkYVFGlKzAZavduOPsSgkGRgbKkBfWE1fpQ6B/86YX8ZM3P+:zoA3CrFRAaduOPsSgkGRgbKkBfWE1fph

    Score
    9/10
    • Contacts a large (273795) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
