mirai | e5e406d7abeffa9b3f2a4e10c916cb8dc0dd869287602d1c24eb58ac5779679e | Triage

Submit
Reports

Overview

overview

Static

static

5

e5e406d7ab...9e.elf

debian-9-armhf

Sharing

General

Target

e5e406d7abeffa9b3f2a4e10c916cb8dc0dd869287602d1c24eb58ac5779679e.elf
Size

33KB
Sample

250108-drf1yatnhn
MD5

bae8a7784c981a9da7e2a7ee9049ad19
SHA1

bcf1bf046e56b8c06a998b8d31f26c02e6ce7bb6
SHA256

e5e406d7abeffa9b3f2a4e10c916cb8dc0dd869287602d1c24eb58ac5779679e
SHA512

367d37c69042bfbbfc344d33c314c122b1d47cb2c513f24820bdd9580c7b23212f56896d96176316a33a8d6ca1172a79d0efde47bf9c63fe1243a9c720df649c
SSDEEP

384:vMeYSa0BhttK1d5+X8sVw0StOn9iN7LHi1P8nVyQGj6oyj0B5iOJi86cokBmdGU9:h7tKd+MsVw0YN3CanoQblj0X56cFB3U9

Score

10^/10

mirai mirai botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e5e406d7abeffa9b3f2a4e10c916cb8dc0dd869287602d1c24eb58ac5779679e.elf

Resource

debian9-armhf-20240611-en

mirai mirai botnet defense_evasion discovery

debian-9-armhf

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

raw.igxhost.ru

Targets

- Target
  
  e5e406d7abeffa9b3f2a4e10c916cb8dc0dd869287602d1c24eb58ac5779679e.elf
- Size
  
  33KB
- MD5
  
  bae8a7784c981a9da7e2a7ee9049ad19
- SHA1
  
  bcf1bf046e56b8c06a998b8d31f26c02e6ce7bb6
- SHA256
  
  e5e406d7abeffa9b3f2a4e10c916cb8dc0dd869287602d1c24eb58ac5779679e
- SHA512
  
  367d37c69042bfbbfc344d33c314c122b1d47cb2c513f24820bdd9580c7b23212f56896d96176316a33a8d6ca1172a79d0efde47bf9c63fe1243a9c720df649c
- SSDEEP
  
  384:vMeYSa0BhttK1d5+X8sVw0StOn9iN7LHi1P8nVyQGj6oyj0B5iOJi86cokBmdGU9:h7tKd+MsVw0YN3CanoQblj0X56cFB3U9
Score

10^/10

mirai mirai botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (23512) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy