mirai | d7b41cad1d9ebb36133c2ad01202825754fc036dec4aca9b7f18aefc798a38c1 | Triage

Sharing

General

Target

d7b41cad1d9ebb36133c2ad01202825754fc036dec4aca9b7f18aefc798a38c1.elf
Size

78KB
Sample

250320-exg1vstsaw
MD5

3816b37f603e8d85d400870a382a40a4
SHA1

a9ee58e7f3bfe50af0123c8187d5507f88db6af8
SHA256

d7b41cad1d9ebb36133c2ad01202825754fc036dec4aca9b7f18aefc798a38c1
SHA512

5745865b0331a7429ecb98dd0d368dedc37a19e79285bc8409a7276658b57463c55ca322b6075364d50829bc60295f51b059bf0c563d9f3261d1a9a75bfb6b74
SSDEEP

1536:Xn/tr2CkI52odF2NBf2OgLM7p9/cXaVsHcWEK/nu49HRAN3nLn83:3/tqCkNodUNBf2OgLM7p9/BcxL/nu4Ry

Score

10^/10

mirai demons discovery linux

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  d7b41cad1d9ebb36133c2ad01202825754fc036dec4aca9b7f18aefc798a38c1.elf
- Size
  
  78KB
- MD5
  
  3816b37f603e8d85d400870a382a40a4
- SHA1
  
  a9ee58e7f3bfe50af0123c8187d5507f88db6af8
- SHA256
  
  d7b41cad1d9ebb36133c2ad01202825754fc036dec4aca9b7f18aefc798a38c1
- SHA512
  
  5745865b0331a7429ecb98dd0d368dedc37a19e79285bc8409a7276658b57463c55ca322b6075364d50829bc60295f51b059bf0c563d9f3261d1a9a75bfb6b74
- SSDEEP
  
  1536:Xn/tr2CkI52odF2NBf2OgLM7p9/cXaVsHcWEK/nu49HRAN3nLn83:3/tqCkNodUNBf2OgLM7p9/BcxL/nu4Ry
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1