mirai | f975c4c55a4238ef389bf2f9b3c4ef6b0ae5e7feb078522b47024f12dc5c9384 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

bimbo-x86.elf

ubuntu-22.04-amd64

9

Sharing

General

Target

bimbo-x86.elf
Size

41KB
Sample

250328-gpa9fsvjs5
MD5

2bf5bd1011bb9e538cade75d148d9aa5
SHA1

014886edf412f4a790a08aaf18cc4522a5935d8d
SHA256

f975c4c55a4238ef389bf2f9b3c4ef6b0ae5e7feb078522b47024f12dc5c9384
SHA512

62937c590496ff92ff2bba78c1f25e560bdfc8d714d186daa6967fccb2ce1e4c7e446c6b6b0f608fb6ac389f03c60d5612726fe5b15d47fe6d31a18168066ada
SSDEEP

768:grSZQGftR0rfpuoPjArT5l5beVykNCvxyx+/Hw+6RKd2JaU0gUQ2PNRQ:grSZhftuUlaVyYCK+6RK0JaU0XQ2PP

Score

10^/10

mirai credential_access discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bimbo-x86.elf

Resource

ubuntu2204-amd64-20250307-en

credential_access discovery

ubuntu-22.04-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  bimbo-x86.elf
- Size
  
  41KB
- MD5
  
  2bf5bd1011bb9e538cade75d148d9aa5
- SHA1
  
  014886edf412f4a790a08aaf18cc4522a5935d8d
- SHA256
  
  f975c4c55a4238ef389bf2f9b3c4ef6b0ae5e7feb078522b47024f12dc5c9384
- SHA512
  
  62937c590496ff92ff2bba78c1f25e560bdfc8d714d186daa6967fccb2ce1e4c7e446c6b6b0f608fb6ac389f03c60d5612726fe5b15d47fe6d31a18168066ada
- SSDEEP
  
  768:grSZQGftR0rfpuoPjArT5l5beVykNCvxyx+/Hw+6RKd2JaU0gUQ2PNRQ:grSZhftuUlaVyYCK+6RK0JaU0XQ2PP
Score

9^/10

credential_access discovery
- Contacts a large (429718) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads process memory
  Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
  credential_access
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

OS Credential Dumping

Proc Filesystem

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscovery

© 2018-2025

Terms | Privacy