mirai | efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece | Triage

Sharing

General

Target

efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece.elf
Size

59KB
Sample

241228-dhx8vsvpeq
MD5

7f662812ede5182b5c29a0fbc2ea1194
SHA1

3039b2fec557819f487e25914342ea71c40f8f82
SHA256

efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece
SHA512

aa416ae5fe611567691c16f74db98a4a0afbba84c4c391ca346c55661fdc13ca68323b9be3c694cc7365e0d0be3bcf6422208dfa47be3c1172ec1b84b740b722
SSDEEP

768:lP6aHMzAR6hM2uQBTPpdxnlILKU0vVONyjgGhd2G4NMiplImpcvwJZY10UoZvBqJ:0aHuAzgjjfUKU0NONyjgG+7XtJa10fB

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece.elf
- Size
  
  59KB
- MD5
  
  7f662812ede5182b5c29a0fbc2ea1194
- SHA1
  
  3039b2fec557819f487e25914342ea71c40f8f82
- SHA256
  
  efc7165c2ae8f899dac4591c910166d8e9b11af6393947ea06ed365432389ece
- SHA512
  
  aa416ae5fe611567691c16f74db98a4a0afbba84c4c391ca346c55661fdc13ca68323b9be3c694cc7365e0d0be3bcf6422208dfa47be3c1172ec1b84b740b722
- SSDEEP
  
  768:lP6aHMzAR6hM2uQBTPpdxnlILKU0vVONyjgGhd2G4NMiplImpcvwJZY10UoZvBqJ:0aHuAzgjjfUKU0NONyjgG+7XtJa10fB
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1