mirai | 6677aaf690db5421b84916584915e1afe210f255137f7cbdc09f861dcb59c35d | Triage

Sharing

General

Target

6677aaf690db5421b84916584915e1afe210f255137f7cbdc09f861dcb59c35d.elf
Size

156KB
Sample

250307-fenw5atyhy
MD5

7c79acf79fae6e1e2d298f054c72a988
SHA1

55da8827d11233b3ac02819ef41069ae1a3aeeec
SHA256

6677aaf690db5421b84916584915e1afe210f255137f7cbdc09f861dcb59c35d
SHA512

17266b46198d6248829e1dbc8aceaf73786e629b4c4d19c367e8fe1d6fb1e07df5a5d392a6971f48c4e8ccc632b205b141509f057e5d55dc66e9a563288fb646
SSDEEP

3072:5VA0TrpnQ6nuMaIaHKk+dIcVsbLGT+h4ZjSs/dM/9Sh/mswMVQR:3A0TrpQNpIaHKk+dIQsSWkjSsFM/9e/s

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  6677aaf690db5421b84916584915e1afe210f255137f7cbdc09f861dcb59c35d.elf
- Size
  
  156KB
- MD5
  
  7c79acf79fae6e1e2d298f054c72a988
- SHA1
  
  55da8827d11233b3ac02819ef41069ae1a3aeeec
- SHA256
  
  6677aaf690db5421b84916584915e1afe210f255137f7cbdc09f861dcb59c35d
- SHA512
  
  17266b46198d6248829e1dbc8aceaf73786e629b4c4d19c367e8fe1d6fb1e07df5a5d392a6971f48c4e8ccc632b205b141509f057e5d55dc66e9a563288fb646
- SSDEEP
  
  3072:5VA0TrpnQ6nuMaIaHKk+dIcVsbLGT+h4ZjSs/dM/9Sh/mswMVQR:3A0TrpQNpIaHKk+dIQsSWkjSsFM/9e/s
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1