mirai | 4e26e5271b9eeaddec3969bfc3c20f4b348b2b02e1ed076471f46096ad62c5f6 | Triage

Submit
Reports

Overview

overview

Static

static

5

.Sarm7.elf

debian-9-armhf

Sharing

General

Target

.Sarm7.elf
Size

56KB
Sample

241230-bplgjatjdj
MD5

4717d4355735701317c8ed18eda475c5
SHA1

0f9f3434b80f309d77406d9498a99f1781c82094
SHA256

4e26e5271b9eeaddec3969bfc3c20f4b348b2b02e1ed076471f46096ad62c5f6
SHA512

46b88ecffa655f6698e3ef9f85e29809fb301e1bb57663ef89e1cf470fe19d719c3460dd324a56e2b7a39da2882a16c570efb4668e263bf4f07b34e9674e1552
SSDEEP

1536:DCKWfy1sazvsUJO5f8knJzRU/hEnLeGg1tqW0xfbAMOARS:Zara/JO5ftnUpEnLeGAkWUjJ7S

Score

10^/10

mirai botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

.Sarm7.elf

Resource

debian9-armhf-20240611-en

mirai botnet discovery

debian-9-armhf

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

C2

e.xijinping.mov

Targets

- Target
  
  .Sarm7.elf
- Size
  
  56KB
- MD5
  
  4717d4355735701317c8ed18eda475c5
- SHA1
  
  0f9f3434b80f309d77406d9498a99f1781c82094
- SHA256
  
  4e26e5271b9eeaddec3969bfc3c20f4b348b2b02e1ed076471f46096ad62c5f6
- SHA512
  
  46b88ecffa655f6698e3ef9f85e29809fb301e1bb57663ef89e1cf470fe19d719c3460dd324a56e2b7a39da2882a16c570efb4668e263bf4f07b34e9674e1552
- SSDEEP
  
  1536:DCKWfy1sazvsUJO5f8knJzRU/hEnLeGg1tqW0xfbAMOARS:Zara/JO5ftnUpEnLeGAkWUjJ7S
Score

10^/10

mirai botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Deletes itself
- Traces itself
  Traces itself to prevent debugging attempts
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

miraibotnetdiscovery

© 2018-2025

Terms | Privacy