mirai | 8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

8474a2543a...b81.sh

ubuntu-18.04-amd64

8474a2543a...b81.sh

debian-9-armhf

8474a2543a...b81.sh

debian-9-mips

8474a2543a...b81.sh

debian-9-mipsel

Sharing

General

Target

8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81.sh
Size

2KB
Sample

250312-dehc8swxbw
MD5

a049f979d06c20ea98e850d006bf968c
SHA1

d7e23d66238515d48e598902ad77f42f7b17534e
SHA256

8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81
SHA512

7a80739e324c30ad138b2d69f4d145603c6badc84344bca3083e528d8ef443b4b4c8fca400071fbf56c24bff7082e858f5e72c2bca7d3ca4ec4aecf5ca31b7d0

Score

10^/10

mirai unstable antivm botnet defense_evasion discovery linux upx

Static task

static1

Behavioral task

behavioral1

Sample

8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81.sh

Resource

ubuntu1804-amd64-20240611-en

mirai unstable botnet defense_evasion discovery upx

ubuntu-18.04-amd64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81.sh

Resource

debian9-armhf-20240729-en

mirai unstable antivm botnet defense_evasion discovery upx

debian-9-armhf

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81.sh

Resource

debian9-mipsbe-20240611-en

mirai unstable botnet defense_evasion discovery upx

debian-9-mips

12 signatures

150 seconds

Behavioral task

behavioral4

Sample

8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81.sh

Resource

debian9-mipsel-20240729-en

mirai unstable botnet defense_evasion discovery upx

debian-9-mipsel

12 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

C2

dasdv1.service1921.club

Extracted

Family

mirai

Botnet

UNSTABLE

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81.sh
- Size
  
  2KB
- MD5
  
  a049f979d06c20ea98e850d006bf968c
- SHA1
  
  d7e23d66238515d48e598902ad77f42f7b17534e
- SHA256
  
  8474a2543a52186b91b0dd66b48447b43b8e1bb4d2c2c713f8b9972ab4d0ab81
- SHA512
  
  7a80739e324c30ad138b2d69f4d145603c6badc84344bca3083e528d8ef443b4b4c8fca400071fbf56c24bff7082e858f5e72c2bca7d3ca4ec4aecf5ca31b7d0
Score

10^/10

mirai unstable botnet defense_evasion discovery upx antivm
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Deletes itself
- Executes dropped EXE
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
- Writes file to system bin folder
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Impair Defenses

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiunstablebotnetdefense_evasiondiscoveryupx

behavioral2

miraiunstableantivmbotnetdefense_evasiondiscoveryupx

behavioral3

miraiunstablebotnetdefense_evasiondiscoveryupx

behavioral4

miraiunstablebotnetdefense_evasiondiscoveryupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.