mirai | aca8f632a8ffb39691b76c059849a453181423e4f55cc43c564c423b434d4a2d | Triage

Submit
Reports

Overview

overview

Static

static

tmips.elf

debian-9-mips

9

Sharing

General

Target

tmips.elf
Size

71KB
Sample

250309-tmlcvsvmz9
MD5

7b6299bcb1af34847306c2656df3208b
SHA1

e7e77d4a9b5e305424bfbe41484b7a3702527ccc
SHA256

aca8f632a8ffb39691b76c059849a453181423e4f55cc43c564c423b434d4a2d
SHA512

082fbe3b088f131ea6064aab0f3bea24b8613958bf31ea81ba773bff0bbd423b3a9ff66d03bb67d44e29057c3e406699fd242c251ef9d385b4c6dba9367c1da2
SSDEEP

1536:9byPF/43wV8i2aD2x2q0X76IcNxjWJ4w7PXfKi:APF/Ua8BY3yjj6PvL

Score

10^/10

mirai botnet defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmips.elf

Resource

debian9-mipsbe-20240611-en

defense_evasion discovery

debian-9-mips

9 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  tmips.elf
- Size
  
  71KB
- MD5
  
  7b6299bcb1af34847306c2656df3208b
- SHA1
  
  e7e77d4a9b5e305424bfbe41484b7a3702527ccc
- SHA256
  
  aca8f632a8ffb39691b76c059849a453181423e4f55cc43c564c423b434d4a2d
- SHA512
  
  082fbe3b088f131ea6064aab0f3bea24b8613958bf31ea81ba773bff0bbd423b3a9ff66d03bb67d44e29057c3e406699fd242c251ef9d385b4c6dba9367c1da2
- SSDEEP
  
  1536:9byPF/43wV8i2aD2x2q0X76IcNxjWJ4w7PXfKi:APF/Ua8BY3yjj6PvL
Score

9^/10

defense_evasion discovery
- Contacts a large (114962) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Renames itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy