mirai | a274e4ba2abf7472ea420656acedd4a7c52ca22ff5a756167be3cb78a9c635e9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

a274e4ba2a...e9.elf

debian-9-mipsel

Sharing

General

Target

a274e4ba2abf7472ea420656acedd4a7c52ca22ff5a756167be3cb78a9c635e9.elf
Size

40KB
Sample

250306-fddd1ayvfw
MD5

a68df8c359d5eda8224c596a86404ff1
SHA1

e7bc9c410665d0beef953c0b8a5923ecb2ba5cfe
SHA256

a274e4ba2abf7472ea420656acedd4a7c52ca22ff5a756167be3cb78a9c635e9
SHA512

a9fc1fc0cf0376a6bf6d781be1ef44ffa40d21fbc89b2d126e68ef9660498a99cb0df38fe29fac08fa524f4987ec011cb77ad0fbb6a687af125bb0028ce41665
SSDEEP

768:88D1EcBscTVcqmCMNhb2VAIwBF8Bz1kxHqZ4aJwB/HWbNvvVBTWMs:8OLwNx2OIwgBzyxHqVJwxHWbpfQ

Score

10^/10

mirai mirai botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a274e4ba2abf7472ea420656acedd4a7c52ca22ff5a756167be3cb78a9c635e9.elf

Resource

debian9-mipsel-20240729-en

mirai mirai botnet defense_evasion discovery

debian-9-mipsel

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

hjfdjkahfkejw.chickenkiller.com

Targets

- Target
  
  a274e4ba2abf7472ea420656acedd4a7c52ca22ff5a756167be3cb78a9c635e9.elf
- Size
  
  40KB
- MD5
  
  a68df8c359d5eda8224c596a86404ff1
- SHA1
  
  e7bc9c410665d0beef953c0b8a5923ecb2ba5cfe
- SHA256
  
  a274e4ba2abf7472ea420656acedd4a7c52ca22ff5a756167be3cb78a9c635e9
- SHA512
  
  a9fc1fc0cf0376a6bf6d781be1ef44ffa40d21fbc89b2d126e68ef9660498a99cb0df38fe29fac08fa524f4987ec011cb77ad0fbb6a687af125bb0028ce41665
- SSDEEP
  
  768:88D1EcBscTVcqmCMNhb2VAIwBF8Bz1kxHqZ4aJwB/HWbNvvVBTWMs:8OLwNx2OIwgBzyxHqVJwxHWbpfQ
Score

10^/10

mirai mirai botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (160591) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy