General

  • Target

    x86

  • Size

    53KB

  • Sample

    250328-qk3ycawwfz

  • MD5

    dfc4c238a7eb7e331dd5ed7683a46847

  • SHA1

    29c501a417a6e0564ab15091e008f1e4b36ff8a1

  • SHA256

    d53180077d30cbcbec53397db73ab647784a537ab84164557c4abc7befd6dfb1

  • SHA512

    ca2328c68a44686b1b4e32555cc448d193116819cb6cb806078fd795a9301e2cea7f50ef6c6cfa8b9673a20c4b952c766810325ecb7ba9f63ce102dc00c67f00

  • SSDEEP

    1536:gAmkKnnAvjccy7ZeDm4ECd+67ZdC2BjWxr2dJKQDf2:nRKnAvjcV7ZIECdxZdC2tirS3b

Malware Config

Extracted

Family

mirai

Botnet

KURC

Targets

    Score
    9/10
    • Contacts a large (94518) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence
