mirai | 88f0eed73ebc9d8fe9b7bb60e586441dd89331ad14e67330f01019bb12ea1d28 | Triage

Submit
Reports

Overview

overview

Static

static

fa3cffe632...9b.elf

ubuntu-22.04-amd64

9

Sharing

General

Target

053bcbcd58b623f29be6d4ec2076e2e5.bin
Size

22KB
Sample

240703-bcr4jstblk
MD5

43d13a8a003e7fa861e68e94ce9cc4e3
SHA1

784beafb93b02a591339c2dc032cf444db411709
SHA256

88f0eed73ebc9d8fe9b7bb60e586441dd89331ad14e67330f01019bb12ea1d28
SHA512

4e941705c90bf22726c163953160878b8b7460be42a9a98635d91892a8b746e0a603fee0c8319f2da8aabe6ea7613de3a390b44c9d3a8a9f91131a59dc8df4eb
SSDEEP

384:RFJDex+C3i0FyPBwvM+tAzHAbVTNY3CaRVbkrykj+zNbWn79MJ0Jm5PPBL4:7JDjZAKzHAbVTSSaRVblkoWn79MJ0JmA

Score

10^/10

mirai botnet discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fa3cffe63263dfbdcc6723c37a7f67d9568adb080e257a791a6b167fa13dc19b.elf

Resource

ubuntu2204-amd64-20240522.1-en

ubuntu-22.04-amd64

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

fortnite.cryptoinvest.black

Targets

- Target
  
  fa3cffe63263dfbdcc6723c37a7f67d9568adb080e257a791a6b167fa13dc19b.elf
- Size
  
  41KB
- MD5
  
  053bcbcd58b623f29be6d4ec2076e2e5
- SHA1
  
  20acf769ed83961badfa08f6f258a30f2c48067e
- SHA256
  
  fa3cffe63263dfbdcc6723c37a7f67d9568adb080e257a791a6b167fa13dc19b
- SHA512
  
  9aa611cb272c0c2677a806981c43d0c826ff5d1f93437a295f7cc4918b4b495d2f972419aca4239aa2e6beb89b378b78fb843cf64884afd565503f70a4c04126
- SSDEEP
  
  768:b4U9FiNjEB5NXpx19OlqxHgSWpi23UnOq8oY/Bo8G9rKDC+:lojEB5Bpx19OsxH2iRu/ql2DC
Score

9^/10

discovery
- Contacts a large (74726) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy