mirai | 76d92c57b9f5973608133c5f13e71e4756cfb47663d3b8bc7b2dd23ebac76284 | Triage

Submit
Reports

Overview

overview

Static

static

Hilix.mips.elf

debian-9-mips

9

Sharing

General

Target

Hilix.mips.elf
Size

75KB
Sample

250102-ksqp4axjcj
MD5

dd307c473227b29f08eca8dd1807339f
SHA1

a61c1ca4701ccc2ad616d2c6f7f0426201088fb7
SHA256

76d92c57b9f5973608133c5f13e71e4756cfb47663d3b8bc7b2dd23ebac76284
SHA512

d75431f47d4d5e5ad05e95a0fbb8f4f5ccb8d1eacbcd4031191f546c0442202bcfb654bf8eaea8945f6cbcbf97e2545fb7c55de28bf180b6559031f871308a96
SSDEEP

1536:pVNzbOfVDFzxJXilJHbj90OproByEALurtTgF8S1z3bwUz1:pVdbSTXibbj90OproBeEtTgFl1z71

Score

10^/10

mirai sora defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Hilix.mips.elf

Resource

debian9-mipsbe-20240729-en

defense_evasion discovery

debian-9-mips

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

SORA

Targets

- Target
  
  Hilix.mips.elf
- Size
  
  75KB
- MD5
  
  dd307c473227b29f08eca8dd1807339f
- SHA1
  
  a61c1ca4701ccc2ad616d2c6f7f0426201088fb7
- SHA256
  
  76d92c57b9f5973608133c5f13e71e4756cfb47663d3b8bc7b2dd23ebac76284
- SHA512
  
  d75431f47d4d5e5ad05e95a0fbb8f4f5ccb8d1eacbcd4031191f546c0442202bcfb654bf8eaea8945f6cbcbf97e2545fb7c55de28bf180b6559031f871308a96
- SSDEEP
  
  1536:pVNzbOfVDFzxJXilJHbj90OproByEALurtTgF8S1z3bwUz1:pVdbSTXibbj90OproBeEtTgFl1z71
Score

9^/10

defense_evasion discovery
- Contacts a large (350612) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy