mirai | 602f8076ed24db46164f6633dd50fcfbe27efd51eadb0f61d58d6814e0ea5439 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

Hgf.x86.elf

ubuntu-22.04-amd64

Sharing

General

Target

Hgf.x86.elf
Size

23KB
Sample

250209-l49g1stkgx
MD5

fa610cec756d9e59636749bc787ee6ac
SHA1

5471e0a2d2bd635df8b574c78c0cc39d1d40a8f6
SHA256

602f8076ed24db46164f6633dd50fcfbe27efd51eadb0f61d58d6814e0ea5439
SHA512

3aa1b40fe2f033a7e08c699cac912700552d878cb783db55f88ee8a1dce04fa824ced78fe066a4826c61a8575726430d5ce7ebfe6336467b5cb6c7707235417c
SSDEEP

384:Mjjnjb1wD8dXBxjr63hZV3xON3/5ykLGQnzscaGjGYiyWjek8iLV3HKGD:Kjb1wD8hjQbV3xW/AEGEzhaOTiNjeJiv

Score

10^/10

mirai botnet botnet defense_evasion discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Hgf.x86.elf

Resource

ubuntu2204-amd64-20240611-en

mirai botnet botnet defense_evasion discovery

ubuntu-22.04-amd64

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

cnc.stressamp.com

Targets

- Target
  
  Hgf.x86.elf
- Size
  
  23KB
- MD5
  
  fa610cec756d9e59636749bc787ee6ac
- SHA1
  
  5471e0a2d2bd635df8b574c78c0cc39d1d40a8f6
- SHA256
  
  602f8076ed24db46164f6633dd50fcfbe27efd51eadb0f61d58d6814e0ea5439
- SHA512
  
  3aa1b40fe2f033a7e08c699cac912700552d878cb783db55f88ee8a1dce04fa824ced78fe066a4826c61a8575726430d5ce7ebfe6336467b5cb6c7707235417c
- SSDEEP
  
  384:Mjjnjb1wD8dXBxjr63hZV3xON3/5ykLGQnzscaGjGYiyWjek8iLV3HKGD:Kjb1wD8hjQbV3xW/AEGEzhaOTiNjeJiv
Score

10^/10

mirai botnet botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (75233) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraibotnetbotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy