mirai | 5b6a3ddaea69d6a2b4bde62a543fefb22c055e6f3b0165d415d00e12c62bdb64 | Triage

Submit
Reports

Overview

overview

Static

static

rrrdsl.elf

debian-12-mipsel

9

Sharing

General

Target

rrrdsl.elf
Size

209KB
Sample

250307-ry8ana1yey
MD5

821541bd01bc2ffea29f2baf9ad41130
SHA1

b2de1f68a385ce4c5d5127b8fa6a7e8292681040
SHA256

5b6a3ddaea69d6a2b4bde62a543fefb22c055e6f3b0165d415d00e12c62bdb64
SHA512

36653c12abcd5bb355794e1570007c997fe9f359ed14eeae01a5f1f61d69e31fd83c904058a962bb06cde0ce3e29aad9a46fab1c453e69e28b16d6a51a113c69
SSDEEP

3072:3OtyYRRCS/uJIA/tIusWkt5s33HKrc8xHiD/:3OtpRRCS/uCFWQ582/xC

Score

10^/10

mirai defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

rrrdsl.elf

Resource

debian12-mipsel-20240729-en

defense_evasion discovery

debian-12-mipsel

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  rrrdsl.elf
- Size
  
  209KB
- MD5
  
  821541bd01bc2ffea29f2baf9ad41130
- SHA1
  
  b2de1f68a385ce4c5d5127b8fa6a7e8292681040
- SHA256
  
  5b6a3ddaea69d6a2b4bde62a543fefb22c055e6f3b0165d415d00e12c62bdb64
- SHA512
  
  36653c12abcd5bb355794e1570007c997fe9f359ed14eeae01a5f1f61d69e31fd83c904058a962bb06cde0ce3e29aad9a46fab1c453e69e28b16d6a51a113c69
- SSDEEP
  
  3072:3OtyYRRCS/uJIA/tIusWkt5s33HKrc8xHiD/:3OtpRRCS/uCFWQ582/xC
Score

9^/10

defense_evasion discovery
- Contacts a large (6734) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  defense_evasion
- Deletes itself
- Deletes journal logs
  Deletes systemd journal logs. Likely to evade detection.
  defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Indicator Removal

Clear Linux or Mac System Logs

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy