mirai | 57aef1df1475e4e6805afbdf05c7992482384fdae7258988c116e70eb571f9b0 | Triage

Submit
Reports

Overview

overview

Static

static

5

db0fa4b8db...86.elf

ubuntu-22.04-amd64

Sharing

General

Target

db0fa4b8db0333367e9bda3ab68b8042.x86.elf
Size

33KB
Sample

241228-x2me9a1jay
MD5

aab63e2b34877cb76f62b1aaaa786760
SHA1

247fbe9563a8d89c38f09acd1fef97b52bfc8f86
SHA256

57aef1df1475e4e6805afbdf05c7992482384fdae7258988c116e70eb571f9b0
SHA512

b4d298aca02eed357a0e353c135fe67c30c6f6c12ba29f56358ad3c0944a196296525121f99271624ef3d374b2b53aa9c1dceb677e3e04a006da6c40e4a699af
SSDEEP

768:Am5QiX/H16FyxFM9VEmj1qxZGhmPhABw3BKlVlfxMnbcuyD7UiyqI:d5QoVkyxFUVEmjuZGhcRKlVl2nouy8ZT

Score

10^/10

mirai unstable botnet defense_evasion discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

db0fa4b8db0333367e9bda3ab68b8042.x86.elf

Resource

ubuntu2204-amd64-20240611-en

mirai unstable botnet defense_evasion discovery

ubuntu-22.04-amd64

9 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  db0fa4b8db0333367e9bda3ab68b8042.x86.elf
- Size
  
  33KB
- MD5
  
  aab63e2b34877cb76f62b1aaaa786760
- SHA1
  
  247fbe9563a8d89c38f09acd1fef97b52bfc8f86
- SHA256
  
  57aef1df1475e4e6805afbdf05c7992482384fdae7258988c116e70eb571f9b0
- SHA512
  
  b4d298aca02eed357a0e353c135fe67c30c6f6c12ba29f56358ad3c0944a196296525121f99271624ef3d374b2b53aa9c1dceb677e3e04a006da6c40e4a699af
- SSDEEP
  
  768:Am5QiX/H16FyxFM9VEmj1qxZGhmPhABw3BKlVlfxMnbcuyD7UiyqI:d5QoVkyxFUVEmjuZGhcRKlVl2nouy8ZT
Score

10^/10

mirai unstable botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (190935) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy