mirai | f64e85b208229c1a509f667392f6419a9acc28ffc63a4f230c713061d08aa4a3 | Triage

Submit
Reports

Overview

overview

Static

static

EdiAf.mips.elf

debian-9-mips

7

Sharing

General

Target

EdiAf.mips.elf
Size

94KB
Sample

250203-metkyaykaw
MD5

559662dcbc46dd3b82281943e4e4dace
SHA1

0995b4cfa44b4a5d307fe55d84575dae638af922
SHA256

f64e85b208229c1a509f667392f6419a9acc28ffc63a4f230c713061d08aa4a3
SHA512

e5754005f534b3f9555892a32869d8a892f40a1d00ee0409aec5a4b71aea4efc5c58142941ff53714e8b72c19d6d8c94222d39d52a4436d4889c6c82171d402f
SSDEEP

1536:DmUSZbrf9vNdOuAtJwtK95bo2Nutje1AlJDH:DmFZbz970tJwE95bo2Nut9lJT

Score

10^/10

mirai unstable defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

EdiAf.mips.elf

Resource

debian9-mipsbe-20240418-en

defense_evasion discovery

debian-9-mips

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  EdiAf.mips.elf
- Size
  
  94KB
- MD5
  
  559662dcbc46dd3b82281943e4e4dace
- SHA1
  
  0995b4cfa44b4a5d307fe55d84575dae638af922
- SHA256
  
  f64e85b208229c1a509f667392f6419a9acc28ffc63a4f230c713061d08aa4a3
- SHA512
  
  e5754005f534b3f9555892a32869d8a892f40a1d00ee0409aec5a4b71aea4efc5c58142941ff53714e8b72c19d6d8c94222d39d52a4436d4889c6c82171d402f
- SSDEEP
  
  1536:DmUSZbrf9vNdOuAtJwtK95bo2Nutje1AlJDH:DmFZbz970tJwE95bo2Nut9lJT
Score

7^/10

defense_evasion discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy