mirai | f599495bfe3b8eadc1be4eda341eab7ff8bae632236e213e03768c7d31b368a1 | Triage

Submit
Reports

Overview

overview

Static

static

ngwa5.elf

debian-9-armhf

7

Sharing

General

Target

ngwa5.elf
Size

154KB
Sample

250102-hqxphsyrex
MD5

d4ca12234d829f677ded425c860a5de6
SHA1

7585f92317f2c788c20a4dc7ead8a054eea18827
SHA256

f599495bfe3b8eadc1be4eda341eab7ff8bae632236e213e03768c7d31b368a1
SHA512

696a3e949508e7acc154b21d86f3f743fbe1887e27b2d9f2f95de91e0e74a5f3cf4d5b156fa2492ed9db04381184b564a4e46ece80b1a03047bb9dbb5273209d
SSDEEP

1536:Bz8gOTkE/3a6oxRIsBF8IfbRaAr0tT4V8FgTDno2RF2DO93cG3gJHgWAlgbwyw1V:Bz8gd6C7TRaxl4cgvo27hQJAFzB1

Score

10^/10

mirai botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ngwa5.elf

Resource

debian9-armhf-20240729-en

debian-9-armhf

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

boats.dogmuncher.xyz

89.190.156.145

Targets

- Target
  
  ngwa5.elf
- Size
  
  154KB
- MD5
  
  d4ca12234d829f677ded425c860a5de6
- SHA1
  
  7585f92317f2c788c20a4dc7ead8a054eea18827
- SHA256
  
  f599495bfe3b8eadc1be4eda341eab7ff8bae632236e213e03768c7d31b368a1
- SHA512
  
  696a3e949508e7acc154b21d86f3f743fbe1887e27b2d9f2f95de91e0e74a5f3cf4d5b156fa2492ed9db04381184b564a4e46ece80b1a03047bb9dbb5273209d
- SSDEEP
  
  1536:Bz8gOTkE/3a6oxRIsBF8IfbRaAr0tT4V8FgTDno2RF2DO93cG3gJHgWAlgbwyw1V:Bz8gd6C7TRaxl4cgvo27hQJAFzB1
Score

7^/10

discovery
- Deletes itself
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy