mirai | caf96fd0fd94e984e29427f6c3818cda992ed2e1102bdd528870028a0ff2848f | Triage

Sharing

General

Target

caf96fd0fd94e984e29427f6c3818cda992ed2e1102bdd528870028a0ff2848f.elf
Size

92KB
Sample

250307-hy6x6awqw2
MD5

7153ae0fb8bf54ab2ed84058eff6fa6f
SHA1

e00368d2c28b4db72abd2f0306b87093ccb84e5c
SHA256

caf96fd0fd94e984e29427f6c3818cda992ed2e1102bdd528870028a0ff2848f
SHA512

c992e92bddf7dbb6f89668301b0c2dc4a908c703ac199ec28be7085f1bc23d3d5c75f1af5e9d405b9b0cf1e243b4b5aff0f1590a474f22118908e8dc419e6846
SSDEEP

1536:OwIBiXzNCI0qWAACj9CFre/f32lgaTZRSiH/HXDU/7410CFY:OwIkXz30vAA+j32ljTfDW4HF

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  caf96fd0fd94e984e29427f6c3818cda992ed2e1102bdd528870028a0ff2848f.elf
- Size
  
  92KB
- MD5
  
  7153ae0fb8bf54ab2ed84058eff6fa6f
- SHA1
  
  e00368d2c28b4db72abd2f0306b87093ccb84e5c
- SHA256
  
  caf96fd0fd94e984e29427f6c3818cda992ed2e1102bdd528870028a0ff2848f
- SHA512
  
  c992e92bddf7dbb6f89668301b0c2dc4a908c703ac199ec28be7085f1bc23d3d5c75f1af5e9d405b9b0cf1e243b4b5aff0f1590a474f22118908e8dc419e6846
- SSDEEP
  
  1536:OwIBiXzNCI0qWAACj9CFre/f32lgaTZRSiH/HXDU/7410CFY:OwIkXz30vAA+j32ljTfDW4HF
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1