mirai | 41ae1e1b04aa48f72ea695512c205acb274f6b7c09e4ed042de7dfa5be5a8281 | Triage

Sharing

General

Target

5c76dc59fb0c8867a443e88d8cafecba.bin
Size

38KB
Sample

250307-bmek7ssjz2
MD5

ea814ece4218f6b98da494276c4c6f5f
SHA1

418026ff78feca0a5b4b6dd80788c593e3363680
SHA256

41ae1e1b04aa48f72ea695512c205acb274f6b7c09e4ed042de7dfa5be5a8281
SHA512

e13786a6202ec30a4dc17489f4007f8c1e6d479cb7aa5331bb91a3f422957396df978e7fa0b01fa6d8e2cc9c478edc069c9da2d92600fde78dec8967ee85d607
SSDEEP

768:uZuolrpoUkz5yLopgkvAHH4rjUh07ELg8S8YH/uCJa8kVW:uZTlreBz5yAgdnJPgWYH/tae

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  78df46d30c892d05df72637f84f094d3dbc85f49ce9bf578ac0d1ba40c1d2ce9.elf
- Size
  
  75KB
- MD5
  
  5c76dc59fb0c8867a443e88d8cafecba
- SHA1
  
  7b0d466066edbae7918e78f951b3483e9102275d
- SHA256
  
  78df46d30c892d05df72637f84f094d3dbc85f49ce9bf578ac0d1ba40c1d2ce9
- SHA512
  
  35c198c55049330f4df49adba2719be62df000fa362cb8ab8896bba0b1bbd34d8493e399a84af1cc1fbd298608b9e7e89c361378cac869a10184bc88d513fd84
- SSDEEP
  
  1536:Ndrd7rjAOFzZ5+/RjBO48JIy3eflwtzUAFgNva7410mm5:Ndrd6V8JreWtA7a4Pm
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1