mirai | a41064e46ee4b5f322c59edd99c0496bb95086d4e681925064a9f6ab0435c331 | Triage

Sharing

General

Target

a41064e46ee4b5f322c59edd99c0496bb95086d4e681925064a9f6ab0435c331.elf
Size

108KB
Sample

250320-eh86ssxjt6
MD5

ca9c21fac12bf6adf7a9d069f08d3826
SHA1

bfd18646fc1645a0dd13adbcab5b2fce47440cdb
SHA256

a41064e46ee4b5f322c59edd99c0496bb95086d4e681925064a9f6ab0435c331
SHA512

85cbd56dcbfea18c1665589ae7febbdf0577a09dede290d0a8362b19547f26838df25926afe8689c698010dd3f094ea30af500b118bf7300ab50eb779f79f8b3
SSDEEP

1536:ZI6yHdMxPaDMHsAQDqX10Zvp4Mmp7vx6ZHKEnmgpd410wnq:ZI6yHdSPKMH1Qe13p756w0+Zq

Score

10^/10

mirai demons discovery

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  a41064e46ee4b5f322c59edd99c0496bb95086d4e681925064a9f6ab0435c331.elf
- Size
  
  108KB
- MD5
  
  ca9c21fac12bf6adf7a9d069f08d3826
- SHA1
  
  bfd18646fc1645a0dd13adbcab5b2fce47440cdb
- SHA256
  
  a41064e46ee4b5f322c59edd99c0496bb95086d4e681925064a9f6ab0435c331
- SHA512
  
  85cbd56dcbfea18c1665589ae7febbdf0577a09dede290d0a8362b19547f26838df25926afe8689c698010dd3f094ea30af500b118bf7300ab50eb779f79f8b3
- SSDEEP
  
  1536:ZI6yHdMxPaDMHsAQDqX10Zvp4Mmp7vx6ZHKEnmgpd410wnq:ZI6yHdSPKMH1Qe13p756w0+Zq
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1