{"id":21354,"date":"2024-01-11T10:42:16","date_gmt":"2024-01-11T09:42:16","guid":{"rendered":"https:\/\/www.defencetech.it\/?p=21354"},"modified":"2025-06-10T10:04:31","modified_gmt":"2025-06-10T08:04:31","slug":"malware-analysis-report-mirai","status":"publish","type":"post","link":"https:\/\/tinextadefence.it\/en\/malware-analysis-report-mirai\/","title":{"rendered":"Malware Analysis Report - Mirai"},"content":{"rendered":"

In today's Malware report, a malware-based attack discovered by analysing log files of a public web server is analysed.\u00a0<\/p>\r\n\r\n\r\n\r\n

The attack consists of exploiting a series of known vulnerabilities through command injection performed within a malicious script, which attempts to download and execute a binary file for different CPU architectures. It will then be able to exploit various vulnerabilities of specific devices.\u00a0<\/p>\r\n\r\n\r\n\r\n

The main objective of this malware is to compromise Linux systems, especially IoT devices, to create a network of remotely controlled bots called 'zombies'.\u00a0<\/p>\r\n\r\n\r\n\r\n

The threat is identified as belonging to the malware family Mirai<\/strong>which is known to conduct large-scale DDoS attacks. The malware behaves aggressively, targeting remote management processes such as 'telnet' and 'ssh' to prevent access to the infected machine. It also has the ability to generate random IPv4 addresses to start the propagation phase.\u00a0<\/p>\r\n\r\n\r\n\r\n

Despite the fact that the identified Command & Control (C&C) have already been taken offline, this report provides crucial information to understand how the Mirai malware works and helps stakeholders to implement cyber security measures and mitigate potential threats to their network.\u00a0<\/p>\r\n\r\n\r\n\r\n

If you wish to learn more, here is the link to our full report<\/a><\/strong>.<\/p>\r\n

In addition, you can subscribe to the specific mailing list Cyber Studios by Tinexta Defence<\/b>, to receive updates on upcoming research: <\/span>https:\/\/tinextadefence.it\/mailing-list-cyber-studios\/<\/span><\/a><\/p>","protected":false},"excerpt":{"rendered":"

Nel Malware report di oggi viene analizzato un attacco basato su malware scoperto tramite analisi di file log di un web server pubblico.\u00a0 L’attacco consiste nello sfruttamento di una serie di vulnerabilit\u00e0 note attraverso command injection eseguite all’interno di uno script dannoso, il quale tenta di scaricare ed eseguire un file binario per diverse architetture […]<\/p>","protected":false},"author":2,"featured_media":26257,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[102],"tags":[110],"class_list":["post-21354","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tinextadefencebusiness","tag-articoli"],"acf":[],"yoast_head":"\nMalware Analysis Report - Mirai - Tinexta Defence<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/tinextadefence.it\/en\/malware-analysis-report-mirai\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malware Analysis Report - Mirai - Tinexta Defence\" \/>\n<meta property=\"og:description\" content=\"Nel Malware report di oggi viene analizzato un attacco basato su malware scoperto tramite analisi di file log di un web server pubblico.\u00a0 L’attacco consiste nello sfruttamento di una serie di vulnerabilit\u00e0 note attraverso command injection eseguite all’interno di uno script dannoso, il quale tenta di scaricare ed eseguire un file binario per diverse architetture […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tinextadefence.it\/en\/malware-analysis-report-mirai\/\" \/>\n<meta property=\"og:site_name\" content=\"Tinexta Defence\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-11T09:42:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-10T08:04:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Simone Sorte\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Simone Sorte\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/\"},\"author\":{\"name\":\"Simone Sorte\",\"@id\":\"https:\/\/tinextadefence.it\/#\/schema\/person\/1f5092d13bbba815b7d8508dc4a0a941\"},\"headline\":\"Malware Analysis Report – Mirai\",\"datePublished\":\"2024-01-11T09:42:16+00:00\",\"dateModified\":\"2025-06-10T08:04:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/\"},\"wordCount\":236,\"publisher\":{\"@id\":\"https:\/\/tinextadefence.it\/#organization\"},\"image\":{\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg\",\"keywords\":[\"Articoli\"],\"articleSection\":[\"#TDefenceBusiness\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/\",\"url\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/\",\"name\":\"Malware Analysis Report - Mirai - Tinexta Defence\",\"isPartOf\":{\"@id\":\"https:\/\/tinextadefence.it\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg\",\"datePublished\":\"2024-01-11T09:42:16+00:00\",\"dateModified\":\"2025-06-10T08:04:31+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage\",\"url\":\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg\",\"contentUrl\":\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg\",\"width\":1200,\"height\":640,\"caption\":\"Immagine in evidenza astratta per gli articoli di Tinexta Defence\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tinextadefence.it\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Malware Analysis Report – Mirai\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tinextadefence.it\/#website\",\"url\":\"https:\/\/tinextadefence.it\/\",\"name\":\"Tinexta Defence\",\"description\":\"think next, protect now\",\"publisher\":{\"@id\":\"https:\/\/tinextadefence.it\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tinextadefence.it\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/tinextadefence.it\/#organization\",\"name\":\"Tinexta Defence\",\"url\":\"https:\/\/tinextadefence.it\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/tinextadefence.it\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_marchio.png\",\"contentUrl\":\"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_marchio.png\",\"width\":2000,\"height\":990,\"caption\":\"Tinexta Defence\"},\"image\":{\"@id\":\"https:\/\/tinextadefence.it\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/tinextadefence.it\/#\/schema\/person\/1f5092d13bbba815b7d8508dc4a0a941\",\"name\":\"Simone Sorte\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/tinextadefence.it\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/32dedea25589c73ac8f3d6a24a91a3de89a9dbecfeb8badd55816a91df1c8a31?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/32dedea25589c73ac8f3d6a24a91a3de89a9dbecfeb8badd55816a91df1c8a31?s=96&d=mm&r=g\",\"caption\":\"Simone Sorte\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Malware Analysis Report - Mirai - Tinexta Defence","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/tinextadefence.it\/en\/malware-analysis-report-mirai\/","og_locale":"en_GB","og_type":"article","og_title":"Malware Analysis Report - Mirai - Tinexta Defence","og_description":"Nel Malware report di oggi viene analizzato un attacco basato su malware scoperto tramite analisi di file log di un web server pubblico.\u00a0 L’attacco consiste nello sfruttamento di una serie di vulnerabilit\u00e0 note attraverso command injection eseguite all’interno di uno script dannoso, il quale tenta di scaricare ed eseguire un file binario per diverse architetture […]","og_url":"https:\/\/tinextadefence.it\/en\/malware-analysis-report-mirai\/","og_site_name":"Tinexta Defence","article_published_time":"2024-01-11T09:42:16+00:00","article_modified_time":"2025-06-10T08:04:31+00:00","og_image":[{"width":1200,"height":640,"url":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg","type":"image\/jpeg"}],"author":"Simone Sorte","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Simone Sorte","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#article","isPartOf":{"@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/"},"author":{"name":"Simone Sorte","@id":"https:\/\/tinextadefence.it\/#\/schema\/person\/1f5092d13bbba815b7d8508dc4a0a941"},"headline":"Malware Analysis Report – Mirai","datePublished":"2024-01-11T09:42:16+00:00","dateModified":"2025-06-10T08:04:31+00:00","mainEntityOfPage":{"@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/"},"wordCount":236,"publisher":{"@id":"https:\/\/tinextadefence.it\/#organization"},"image":{"@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage"},"thumbnailUrl":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg","keywords":["Articoli"],"articleSection":["#TDefenceBusiness"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/","url":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/","name":"Malware Analysis Report - Mirai - Tinexta Defence","isPartOf":{"@id":"https:\/\/tinextadefence.it\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage"},"image":{"@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage"},"thumbnailUrl":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg","datePublished":"2024-01-11T09:42:16+00:00","dateModified":"2025-06-10T08:04:31+00:00","breadcrumb":{"@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#primaryimage","url":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg","contentUrl":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_evidenza_articolo.jpg","width":1200,"height":640,"caption":"Immagine in evidenza astratta per gli articoli di Tinexta Defence"},{"@type":"BreadcrumbList","@id":"https:\/\/tinextadefence.it\/malware-analysis-report-mirai\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tinextadefence.it\/"},{"@type":"ListItem","position":2,"name":"Malware Analysis Report – Mirai"}]},{"@type":"WebSite","@id":"https:\/\/tinextadefence.it\/#website","url":"https:\/\/tinextadefence.it\/","name":"Tinexta Defence","description":"think next, protect now","publisher":{"@id":"https:\/\/tinextadefence.it\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tinextadefence.it\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/tinextadefence.it\/#organization","name":"Tinexta Defence","url":"https:\/\/tinextadefence.it\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/tinextadefence.it\/#\/schema\/logo\/image\/","url":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_marchio.png","contentUrl":"https:\/\/tinextadefence.it\/wp-content\/uploads\/2025\/03\/Tinexta_Defence_marchio.png","width":2000,"height":990,"caption":"Tinexta Defence"},"image":{"@id":"https:\/\/tinextadefence.it\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/tinextadefence.it\/#\/schema\/person\/1f5092d13bbba815b7d8508dc4a0a941","name":"Simone Sorte","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/tinextadefence.it\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/32dedea25589c73ac8f3d6a24a91a3de89a9dbecfeb8badd55816a91df1c8a31?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/32dedea25589c73ac8f3d6a24a91a3de89a9dbecfeb8badd55816a91df1c8a31?s=96&d=mm&r=g","caption":"Simone Sorte"}}]}},"_links":{"self":[{"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/posts\/21354","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/comments?post=21354"}],"version-history":[{"count":0,"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/posts\/21354\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/media\/26257"}],"wp:attachment":[{"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/media?parent=21354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/categories?post=21354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tinextadefence.it\/en\/wp-json\/wp\/v2\/tags?post=21354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}