mirai | 9701f870720ee716c02d544e6f148075d2798254cae3ad4263df3ef2c82b15d3 | Triage

Sharing

General

Target

elitebotnet.mips.elf
Size

97KB
Sample

250113-lhmfcsxjdw
MD5

0589b3d263957e51899c048a347b5e0a
SHA1

253025ae97055316ad0bc4f9dd4c680e0a9af96a
SHA256

9701f870720ee716c02d544e6f148075d2798254cae3ad4263df3ef2c82b15d3
SHA512

82160c65efc3ed2086d4729ae7e97f98b9d237a1631421fd951db790be438db9432045ee16363da9c1070356d7d8227991711908674347edd9a4f3dc8f049284
SSDEEP

3072:kQW/HIc4mbkqFAuGz+8iYzfbNcQwbZnGN:kL/oqFAu6fTzfnwRGN

Score

10^/10

mirai mirai defense_evasion discovery persistence

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

asdfui.elite-api.su

Targets

- Target
  
  elitebotnet.mips.elf
- Size
  
  97KB
- MD5
  
  0589b3d263957e51899c048a347b5e0a
- SHA1
  
  253025ae97055316ad0bc4f9dd4c680e0a9af96a
- SHA256
  
  9701f870720ee716c02d544e6f148075d2798254cae3ad4263df3ef2c82b15d3
- SHA512
  
  82160c65efc3ed2086d4729ae7e97f98b9d237a1631421fd951db790be438db9432045ee16363da9c1070356d7d8227991711908674347edd9a4f3dc8f049284
- SSDEEP
  
  3072:kQW/HIc4mbkqFAuGz+8iYzfbNcQwbZnGN:kL/oqFAu6fTzfnwRGN
Score

9^/10

defense_evasion discovery persistence
- Contacts a large (23673) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Boot or Logon Initialization Scripts

RC Scripts

Privilege Escalation

Boot or Logon Autostart Execution

Boot or Logon Initialization Scripts

RC Scripts

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistence