mirai | 2ce05126729d02c31959e74c117d07db74aca78f4d6f2c0e683090569943b407 | Triage

Sharing

General

Target

01bdbcadb6b151562a7ff207280368ab9f77a976114494479415eec71d1a5b51.zip
Size

29KB
Sample

250408-l8qwgas1dt
MD5

b64d596c950037d9d1885cf61f800dbd
SHA1

0345c5d989d385ed17f7d56d9616f5e783476c63
SHA256

2ce05126729d02c31959e74c117d07db74aca78f4d6f2c0e683090569943b407
SHA512

d6ef45e1ce4961096ca69a4a0b2820be0a293996f40c47f5c4a0452ead3268881e0b97df20bbc3c05b5cac112aceffb620f6e96e490557ed2a8438e3aebdaee0
SSDEEP

768:QSTLkqWGsqPACk50WICoYjFUEFJBbgPygV5zb8sEJd0h:FLkcjA/7pXAhCXu

Score

10^/10

mirai demons discovery linux

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  01bdbcadb6b151562a7ff207280368ab9f77a976114494479415eec71d1a5b51.elf
- Size
  
  57KB
- MD5
  
  caf4a18e806274c837ea68a1b34f6755
- SHA1
  
  9d3a79b50941f32fc94a2f9a30dde2e2dc21f7bb
- SHA256
  
  01bdbcadb6b151562a7ff207280368ab9f77a976114494479415eec71d1a5b51
- SHA512
  
  71eaf0593657b7da64d20ac60b5d6a9e0657444b3c33cc039b49fbd5be6072c892b0f69556297b8ecd533a40036e639ff78935b3e8919a18a730226fa28021b8
- SSDEEP
  
  1536:1XIY73si3qEToSRhIN2Q/K6C8u50pfEHwNLJ:2Y7H6ETRhID/Kn5qEHw1J
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1