mirai | eba40290f67fa0cbc4fbf1c8a86adf49fd1a7b89a6979be48bac1bca5ac71bb7 | Triage

Sharing

General

Target

5e00919715880970cba91795d7078453.bin
Size

30KB
Sample

250413-bm1hnsv1hw
MD5

b1d96967b4aba0df2d034450d5e9bc74
SHA1

f1d4a8caf15ade6a2dbe97158e096cf0a48d2166
SHA256

eba40290f67fa0cbc4fbf1c8a86adf49fd1a7b89a6979be48bac1bca5ac71bb7
SHA512

2333145fd96cf80e655bf6e0df75c49842528d99cb918b91fcd2f93a164647b5b6ababce8371cfde825afca5e95fda9399e212502e6056fa39c0464c381b3217
SSDEEP

768:6bTuM9eXryAsSdULs9eOmGWRX327ni0h3R:6/D9+ryjkqOBuX327i0h3R

Score

10^/10

mirai mirai defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  707c76833704af2127fbbd2ababe61c417340b3fe8c12cedd8caa2122afecc29.elf
- Size
  
  77KB
- MD5
  
  5e00919715880970cba91795d7078453
- SHA1
  
  b5ad4293488c439004670801555677bde3368220
- SHA256
  
  707c76833704af2127fbbd2ababe61c417340b3fe8c12cedd8caa2122afecc29
- SHA512
  
  2d5b388de442999b22c76b02b3b4b3448dfa53a6348f2d557f5761c9e02b81194c7a7ff668da4a560febe0f5fcd2ceaac40181259eae0b79b2dbfab03e3f4934
- SSDEEP
  
  1536:DM8dlkyCuyPlr51SUJCGy99wOYf8Pzqaa4enN4a:w+5CuyP5GUJCGK9zqaa4enOa
Score

9^/10

defense_evasion discovery
- Contacts a large (12953) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery