mirai | 18ec419326c72cad270da262d178dd3ee8a2c88d615b254cd838262a89a2b961 | Triage

Submit
Reports

Overview

overview

Static

static

zyxel.elf

debian-9-armhf

9

Sharing

General

Target

zyxel.elf
Size

149KB
Sample

250309-naxx8szyhv
MD5

6324ba37c929071f8a3c65d7bae2cfd3
SHA1

f89a463328df433b597b53267f75b2f742d647a1
SHA256

18ec419326c72cad270da262d178dd3ee8a2c88d615b254cd838262a89a2b961
SHA512

cd05a6d286bc4ebab1eb3ab4e6f047e036043e875a3af846b95245ac46248eba61336492ce6df794fa6f08e1fa76581a2bf67f9af35f64bbfbe1c0234deeae92
SSDEEP

3072:8pTHcZwn2J+wVJVdFFH+DsEncLTdOoRrWwduHuDM/9FTsHQhoR:aTHcZw2oQdjGsEncLTkoRDduH6M/9FhE

Score

10^/10

mirai apep discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

zyxel.elf

Resource

debian9-armhf-20240611-en

debian-9-armhf

5 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

APEP

Targets

- Target
  
  zyxel.elf
- Size
  
  149KB
- MD5
  
  6324ba37c929071f8a3c65d7bae2cfd3
- SHA1
  
  f89a463328df433b597b53267f75b2f742d647a1
- SHA256
  
  18ec419326c72cad270da262d178dd3ee8a2c88d615b254cd838262a89a2b961
- SHA512
  
  cd05a6d286bc4ebab1eb3ab4e6f047e036043e875a3af846b95245ac46248eba61336492ce6df794fa6f08e1fa76581a2bf67f9af35f64bbfbe1c0234deeae92
- SSDEEP
  
  3072:8pTHcZwn2J+wVJVdFFH+DsEncLTdOoRrWwduHuDM/9FTsHQhoR:aTHcZw2oQdjGsEncLTkoRDduH6M/9FhE
Score

9^/10

discovery
- Contacts a large (210164) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy