Overview

overview

10

Static

static

10

x86 (2)

ubuntu-18.04-amd64

9

x86 (2)

ubuntu-20.04-amd64

9

x86 (2)

ubuntu-22.04-amd64

9

x86 (2)

ubuntu-24.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    x86 (2)

  • Size

    54KB

  • Sample

    250131-w19nqavrgr

  • MD5

    b180c519dee8619995c2a2acedc7d2b4

  • SHA1

    95b340b868007f0bf338aa2ac34b33c9caa7d9a8

  • SHA256

    deb05b353c51481cba1eb6acfac01d4e4a1e0bf687f8ad6bb54c51b2e0b04e2c

  • SHA512

    633737009b3a028f4ef073ce7393671d4ff7c5f26b2e87ad48ce10dafd502cd91520f82f803331b949c1eeecdcb0daaf09e6e618382fe5a470c6d9f99de2b728

  • SSDEEP

    1536:JeESt/basV2rcZhG6yZN7nanlSR9zWOIaEjrqMGs:JeESt/basVTg57nanQRVtXESp

Score
10/10
miraidiscoverylinuxrootkit

Malware Config

Extracted

Family

mirai

C2

panel.daudau.org

Targets

    • Target

      x86 (2)

    • Size

      54KB

    • MD5

      b180c519dee8619995c2a2acedc7d2b4

    • SHA1

      95b340b868007f0bf338aa2ac34b33c9caa7d9a8

    • SHA256

      deb05b353c51481cba1eb6acfac01d4e4a1e0bf687f8ad6bb54c51b2e0b04e2c

    • SHA512

      633737009b3a028f4ef073ce7393671d4ff7c5f26b2e87ad48ce10dafd502cd91520f82f803331b949c1eeecdcb0daaf09e6e618382fe5a470c6d9f99de2b728

    • SSDEEP

      1536:JeESt/basV2rcZhG6yZN7nanlSR9zWOIaEjrqMGs:JeESt/basVTg57nanQRVtXESp

    Score
    9/10
    discoveryrootkit

    • Contacts a large (7427) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks