mirai | 1de12614bd0d57e501402d8c8af3c8f1e0b9e5a2fbc2476b7a0cdba71046e538 | Triage

Sharing

General

Target

1de12614bd0d57e501402d8c8af3c8f1e0b9e5a2fbc2476b7a0cdba71046e538.elf
Size

77KB
Sample

250320-ctmqtszzbs
MD5

bf29e924c0a0d2d92644d7e1e80663b7
SHA1

6b921f2dc9cf861807e1d6093ce1b1bb5ab93467
SHA256

1de12614bd0d57e501402d8c8af3c8f1e0b9e5a2fbc2476b7a0cdba71046e538
SHA512

e702071edff3d9e394aa43f06e91e0b7909b1f5be6a3551c9cee20b2b072d8fa020db025df37c15cbdd4c39b8f2549a242f0b58a93bf3fb7494b5f14e7487c3b
SSDEEP

1536:BlFYmKcCftaTYw2MVvis4iGrJfo4JhblfdggS0/pNoK/nL487KK+w5r5:/FYm+1aB2MVmpJHflJNoK/L4DQ

Score

10^/10

mirai demons discovery linux

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  1de12614bd0d57e501402d8c8af3c8f1e0b9e5a2fbc2476b7a0cdba71046e538.elf
- Size
  
  77KB
- MD5
  
  bf29e924c0a0d2d92644d7e1e80663b7
- SHA1
  
  6b921f2dc9cf861807e1d6093ce1b1bb5ab93467
- SHA256
  
  1de12614bd0d57e501402d8c8af3c8f1e0b9e5a2fbc2476b7a0cdba71046e538
- SHA512
  
  e702071edff3d9e394aa43f06e91e0b7909b1f5be6a3551c9cee20b2b072d8fa020db025df37c15cbdd4c39b8f2549a242f0b58a93bf3fb7494b5f14e7487c3b
- SSDEEP
  
  1536:BlFYmKcCftaTYw2MVvis4iGrJfo4JhblfdggS0/pNoK/nL487KK+w5r5:/FYm+1aB2MVmpJHflJNoK/L4DQ
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1