mirai | ba3a3ee7449e015b50b1d4662bfb7c6e256f3f3d119716eb995699036f80a639 | Triage

Submit
Reports

Overview

overview

Static

static

ngwa5.elf

debian-9-armhf

7

Sharing

General

Target

ngwa5.elf
Size

154KB
Sample

241228-z9c8nasphp
MD5

fcd78cda92e0b39c4743ba2b430914d5
SHA1

a2ea7c56522e27991afd72e9d11b0be2fe21149a
SHA256

ba3a3ee7449e015b50b1d4662bfb7c6e256f3f3d119716eb995699036f80a639
SHA512

5c5f67f101dd66b5242e8c1c0e56a59ad01a0e64d23320939692ec38d1fceec937c62129a466d391ff2608f05a498100c3f557a1e3f7a25a3c8603fcd52171d1
SSDEEP

3072:xNKs58C55mYuMRN04VhF6s9RjQnHA86VFTs:nKs58LmX04Vj6sPjQng863Ts

Score

10^/10

mirai botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ngwa5.elf

Resource

debian9-armhf-20240729-en

debian-9-armhf

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

89.190.156.145

Targets

- Target
  
  ngwa5.elf
- Size
  
  154KB
- MD5
  
  fcd78cda92e0b39c4743ba2b430914d5
- SHA1
  
  a2ea7c56522e27991afd72e9d11b0be2fe21149a
- SHA256
  
  ba3a3ee7449e015b50b1d4662bfb7c6e256f3f3d119716eb995699036f80a639
- SHA512
  
  5c5f67f101dd66b5242e8c1c0e56a59ad01a0e64d23320939692ec38d1fceec937c62129a466d391ff2608f05a498100c3f557a1e3f7a25a3c8603fcd52171d1
- SSDEEP
  
  3072:xNKs58C55mYuMRN04VhF6s9RjQnHA86VFTs:nKs58LmX04Vj6sPjQng863Ts
Score

7^/10

discovery
- Deletes itself
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy