General
-
Target
e2cd2182e7b24c400e8c9f0325b8fd66fc420d00e23973277efc4af3a5af206f.elf
-
Size
161KB
-
Sample
250114-d1et8sxqdr
-
MD5
5da389660793a2131957f0c21a26b502
-
SHA1
5e1b40b9e9ca1ca9327e43a1f4c9fa54a48305a2
-
SHA256
e2cd2182e7b24c400e8c9f0325b8fd66fc420d00e23973277efc4af3a5af206f
-
SHA512
31fda13ebc592e776b4996adce007628456da4977ef5f9a33ae7e91b3a398fda7999c4ab43350f634873ed5cd7e593c05f1b9629ceb1d5ee81fff56e66e11636
-
SSDEEP
3072:a83ASxrlDxiaNfxn8FsUpSfRUQh037wbZn5DOTX0M/9ETXe:a8QuxliaNfxn8FvSf56wR5DOTkM/9YXe
Behavioral task
behavioral1
Sample
e2cd2182e7b24c400e8c9f0325b8fd66fc420d00e23973277efc4af3a5af206f.elf
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
MIRAI
asdfui.elite-api.su
Targets
-
-
Target
e2cd2182e7b24c400e8c9f0325b8fd66fc420d00e23973277efc4af3a5af206f.elf
Score
9/10
-
Contacts a large (23833) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution 1
Boot or Logon Initialization Scripts 1
RC Scripts 1
Privilege Escalation
Boot or Logon Autostart Execution 1
Boot or Logon Initialization Scripts 1
RC Scripts 1