mirai | 800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

donk.arm.elf

debian-9-armhf

7

Sharing

General

Target

donk.arm.elf
Size

75KB
Sample

250306-ds5qpaxmw8
MD5

2d38d7340cb17560cf125e7621363649
SHA1

1359736f18292f843b2599513e970ae368d5dc60
SHA256

800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb
SHA512

cb65f60a4157b03b44ecabfe6c84219eb8d29611640a929cece3da6ce7a0e1e8ad4d6c14713d7650be6683256a840fb951f6f5c3223ea19adb6a4e82706e6a6f
SSDEEP

1536:Ndrd7rjAOFzZ5+/RjBO48JIy3eflwtzUAFgNva7410Um5:Ndrd6V8JreWtA7a4Jm

Score

10^/10

mirai demons defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

donk.arm.elf

Resource

debian9-armhf-20240729-en

defense_evasion discovery

debian-9-armhf

5 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  donk.arm.elf
- Size
  
  75KB
- MD5
  
  2d38d7340cb17560cf125e7621363649
- SHA1
  
  1359736f18292f843b2599513e970ae368d5dc60
- SHA256
  
  800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb
- SHA512
  
  cb65f60a4157b03b44ecabfe6c84219eb8d29611640a929cece3da6ce7a0e1e8ad4d6c14713d7650be6683256a840fb951f6f5c3223ea19adb6a4e82706e6a6f
- SSDEEP
  
  1536:Ndrd7rjAOFzZ5+/RjBO48JIy3eflwtzUAFgNva7410Um5:Ndrd6V8JreWtA7a4Jm
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.