mirai | 77c607982092d3975005f7a0dac25caab7c8ea36c74ddc2886390a7a70a338df | Triage

Sharing

General

Target

77c607982092d3975005f7a0dac25caab7c8ea36c74ddc2886390a7a70a338df.elf
Size

162KB
Sample

250320-dv8v5awly2
MD5

33fd833afc2d62a02b556a9616004af0
SHA1

1e9e9be788ac04bd374f1c745c9ff157f7165d2b
SHA256

77c607982092d3975005f7a0dac25caab7c8ea36c74ddc2886390a7a70a338df
SHA512

94de687e938476d09f88efa1be1a5d775d9299fd37455446b6cb1acc9be9fb37d288f34de833cc49b603c039c237fcb2dc45c1abacd362fe2ffa93578e40132f
SSDEEP

3072:CBF6pcUYnm+3W9aPa9pTWMFQjf3BZhSo40XsXIDsM/9slxNn2Pmqwb4XhR:Cj6pcUYm3EPa9pTWMFefdbhXsXIgM/9R

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  77c607982092d3975005f7a0dac25caab7c8ea36c74ddc2886390a7a70a338df.elf
- Size
  
  162KB
- MD5
  
  33fd833afc2d62a02b556a9616004af0
- SHA1
  
  1e9e9be788ac04bd374f1c745c9ff157f7165d2b
- SHA256
  
  77c607982092d3975005f7a0dac25caab7c8ea36c74ddc2886390a7a70a338df
- SHA512
  
  94de687e938476d09f88efa1be1a5d775d9299fd37455446b6cb1acc9be9fb37d288f34de833cc49b603c039c237fcb2dc45c1abacd362fe2ffa93578e40132f
- SSDEEP
  
  3072:CBF6pcUYnm+3W9aPa9pTWMFQjf3BZhSo40XsXIDsM/9slxNn2Pmqwb4XhR:Cj6pcUYm3EPa9pTWMFefdbhXsXIgM/9R
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1