mirai | 4b35f24379cb8f609e8d7a9dac81baef6b9d535ac940eef21892e7a533b51bcd | Triage

Sharing

General

Target

4b35f24379cb8f609e8d7a9dac81baef6b9d535ac940eef21892e7a533b51bcd.elf
Size

77KB
Sample

250320-dc9dyavqz8
MD5

5696c53bb71c49f06011f032a20ec8ca
SHA1

3ff8200c733255f3718d82717c55856cfff62c52
SHA256

4b35f24379cb8f609e8d7a9dac81baef6b9d535ac940eef21892e7a533b51bcd
SHA512

48ae92238f0f32933ed2a43965d7dad9037f6a5c4abb33941aa36ac6ef06bb02f3fc2f8bcc298193f38d0355cae3670bdbfeb4425b4db99203b56cc1bcde76ac
SSDEEP

1536:skY55Ui+o23TyttnkKasYmdhVyuiZocGJGfbfAugG0sUDK1I4gpgnL4wpHM:ZY3SL3Ctnkj41ynKJOfAJwEKK4gpgL4H

Score

10^/10

mirai demons discovery linux

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  4b35f24379cb8f609e8d7a9dac81baef6b9d535ac940eef21892e7a533b51bcd.elf
- Size
  
  77KB
- MD5
  
  5696c53bb71c49f06011f032a20ec8ca
- SHA1
  
  3ff8200c733255f3718d82717c55856cfff62c52
- SHA256
  
  4b35f24379cb8f609e8d7a9dac81baef6b9d535ac940eef21892e7a533b51bcd
- SHA512
  
  48ae92238f0f32933ed2a43965d7dad9037f6a5c4abb33941aa36ac6ef06bb02f3fc2f8bcc298193f38d0355cae3670bdbfeb4425b4db99203b56cc1bcde76ac
- SSDEEP
  
  1536:skY55Ui+o23TyttnkKasYmdhVyuiZocGJGfbfAugG0sUDK1I4gpgnL4wpHM:ZY3SL3Ctnkj41ynKJOfAJwEKK4gpgL4H
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1