General

  • Target

    3787a29f90ccc08e39a8e957be61d9aa.bin

  • Size

    50KB

  • Sample

    241223-bg639stkfn

  • MD5

    7adf6279289206432303fdf7fd5851ad

  • SHA1

    57e712337b9092bfd0fe83e7087827fccfc81534

  • SHA256

    dc7ab7d74c0c6196d12a6816104ae7946a4d3c47dfa413b7b1d2c334c6983dab

  • SHA512

    154dc291c3816e1e570535e027234a8553d7adb7f509be9471dad781dc1c34a9e4ed3455f6479b16bd5aacd2eb91f1d43605f9468836790d9d8c843e5ea07a6e

  • SSDEEP

    1536:cE9fIbycf/B+rYUfVqSmCQ2FZc823WCf8Acf+YuGtHSB9:cE9gbznKYUd7ZcZ3WlAmXuzn

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      60e8fe252180f6eed332b8722e756557d765ab99f9d89079138ff6953d2f23cb.elf

    • Size

      96KB

    • MD5

      3787a29f90ccc08e39a8e957be61d9aa

    • SHA1

      6c0c1e80795b8ea76ccf09452120eb801cd1ab55

    • SHA256

      60e8fe252180f6eed332b8722e756557d765ab99f9d89079138ff6953d2f23cb

    • SHA512

      8cbb3bfbbc26163eade960948d2bf9faa0522d3276651dc8e2d411c7cfe1aca7fda1ca612f2996544db7820cbc1c95fe0f6299fc876aa94c91056d40f1ef2aa7

    • SSDEEP

      3072:C3VjdYsCmHubaQZ264gwrTye/7j8qvczh6H0:C3L7abaQZ264geTj7Yq66H0

    Score
    9/10
    • Contacts a large (249716) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.
