Overview

overview

10

Static

static

5

apep.arm.elf

debian-9-armhf

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    apep.arm.elf

  • Size

    30KB

  • Sample

    250309-naxbpszqx7

  • MD5

    38a27933778feb9672d2d88b65c28081

  • SHA1

    595ed27399602fb0c0e1a2380b018226810c66f2

  • SHA256

    e9864229fb4d25e82f8c13f6fb6bf8f5caa8dfb5071df0e440733b890506c395

  • SHA512

    1187852ceb9ba585dfbf4e6ccefa6a4a3e6159586ce4e3100b71a9d08f51bfa58a09d391951a841a089e63f11c3dd3521dd312e28c5b7ec3596f683216cca03f

  • SSDEEP

    768:N2aICfmJL5lrmxlLU0NQjli5fjdHwpTdPASP1sjq993U5:N2kfMFcxW0NQAhhHwpT7P1sjq96

Score
10/10
miraiapepbotnetdiscoveryupx

Malware Config

Extracted

Family

mirai

Botnet

APEP

Targets

    • Target

      apep.arm.elf

    • Size

      30KB

    • MD5

      38a27933778feb9672d2d88b65c28081

    • SHA1

      595ed27399602fb0c0e1a2380b018226810c66f2

    • SHA256

      e9864229fb4d25e82f8c13f6fb6bf8f5caa8dfb5071df0e440733b890506c395

    • SHA512

      1187852ceb9ba585dfbf4e6ccefa6a4a3e6159586ce4e3100b71a9d08f51bfa58a09d391951a841a089e63f11c3dd3521dd312e28c5b7ec3596f683216cca03f

    • SSDEEP

      768:N2aICfmJL5lrmxlLU0NQjli5fjdHwpTdPASP1sjq993U5:N2kfMFcxW0NQAhhHwpT7P1sjq96

    Score
    10/10
    miraiapepbotnetdiscovery

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

      botnetmirai

    • Mirai family

      mirai

    • Contacts a large (212279) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks