ELF DIGEST

Active IoT #botnet Domain: bot[.]hamsterrace[.]space C2: Mirai 84.54.51.82:59666 sample: elfdigest.com/brief/a8587ad2…

#ELF #Mirai C2 connections: 85.202.87[.]162:38241 85.217.144[.]91:38241 opewu[.]homes dfvzfvd[.]help pqahzam[.]ink Ref: virustotal.com/gui/file/10759… Ref: virustotal.com/gui/file/23c60… Ref: virustotal.com/gui/file/a5c36… cc @elfdigest FYI

Active #Mirai #botnet C2: Mirai 45.128.232.121:56999 domain: dfgy[.]shop Sample: elfdigest.com/brief/12bb9755…

Active IoT #botnet Domains: d4xw[.]fun C2: type:Mirai 95.214.24.125:6734 Sample: elfdigest.com/brief/1805368f…

Active #IoT #botnet bins: 194.37.80.97/d C2: type:Mirai 194.37.80.97:9506 Port Scanning: 23 Analysis Report: elfdigest.com/brief/48ed9d5e…

@tosscoinwitcher @James_inthe_box @Gi7w0rm @AnFam17 @pr0xylife @0xToxin Ditribution: hXXp://103.110.33.164 C2s: 103.110.33[.]164:19990 cantdown[.]space skyline2006[.]xyz bato.cantdown[.]space bato.skyline2006[.]xyz skyljne2006.ddns[.]net #ELF #Mirai cc @elfdigest FYI

Active IoT #botnet arch: x86 AvClass2: linux|11,mirai|10,server|3,backdoor|3 analysis: bit.ly/3XW2Atn

Active IoT #botnet arch: x86 AvClass2: linux|12,mirai|8,server|5,backdoor|5 analysis: bit.ly/3pSTbGx

Active IoT #botnet arch: x86 AvClass2: linux|12,mirai|9,server|3,backdoor|3,gafgyt|2 analysis: bit.ly/3K4HmDU

Active IoT #botnet arch: arm AvClass2: linux|11,mirai|9,server|5,backdoor|5 analysis: bit.ly/3NVkMPi

Active IoT #botnet arch: mips AvClass2: linux|13,mirai|10,server|5,backdoor|5 analysis: bit.ly/44LQl4U

Active IoT #botnet URL: 45[.]148.244.224/bins Port Scanning: 23 arch: arm AvClass2: linux|12,mirai|11,server|4,backdoor|4 analysis: bit.ly/3q0VVl4

Active IoT #botnet arch: arm AvClass2: linux|9,mirai|8,server|3,backdoor|3 analysis:bit.ly/43CoVh6

Active IoT #botnet arch: arm AvClass2: linux|10,mirai|7,server|4,backdoor|4 analysis:bit.ly/3Oi9PsE

Active IoT #botnet arch: mips AvClass2: linux|11,mirai|6,server|3,backdoor|3 analysis:bit.ly/3Q0GdBd

Active IoT #botnet suspect C2: 95.214.27.52:6075 Port Scanning: 2323,8083,23,37215,55555,5555 arch: x86 AvClass2: linux|13,mirai|7,server|4,backdoor|4,gafgyt|3 analysis:bit.ly/44NYAO4

Active IoT #botnet URL: 91[.]208.162.48/bins arch: x86 AvClass2: linux|11,mirai|10,server|3,backdoor|3 analysis:bit.ly/3DjyLcV

Active IoT #botnet URL: 185[.]174.136.230/f2q2kke5aadloo4aasdjjjfirbmw domains: cnc.stress.wtf suspect C2: 185.174.136.230:60195 arch: arm AvClass2: mirai|13,linux|13,server|3,backdoor|3,gafgyt|2 analysis:bit.ly/3K4ZopF