mirai | 800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb | Triage

Sharing

General

Target

800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb.elf
Size

75KB
Sample

250307-fszksavqs2
MD5

2d38d7340cb17560cf125e7621363649
SHA1

1359736f18292f843b2599513e970ae368d5dc60
SHA256

800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb
SHA512

cb65f60a4157b03b44ecabfe6c84219eb8d29611640a929cece3da6ce7a0e1e8ad4d6c14713d7650be6683256a840fb951f6f5c3223ea19adb6a4e82706e6a6f
SSDEEP

1536:Ndrd7rjAOFzZ5+/RjBO48JIy3eflwtzUAFgNva7410Um5:Ndrd6V8JreWtA7a4Jm

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb.elf
- Size
  
  75KB
- MD5
  
  2d38d7340cb17560cf125e7621363649
- SHA1
  
  1359736f18292f843b2599513e970ae368d5dc60
- SHA256
  
  800c00819cdf420a0b6530d37f91c88426c5ad07d503c98aaab7265d7e1cdfeb
- SHA512
  
  cb65f60a4157b03b44ecabfe6c84219eb8d29611640a929cece3da6ce7a0e1e8ad4d6c14713d7650be6683256a840fb951f6f5c3223ea19adb6a4e82706e6a6f
- SSDEEP
  
  1536:Ndrd7rjAOFzZ5+/RjBO48JIy3eflwtzUAFgNva7410Um5:Ndrd6V8JreWtA7a4Jm
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1