Mirai DDOS Malware Submissions on VirusTotal

Author: Vitali Kremez @VK_intel
Source: https://www.virustotal.com
Goal: Visualize and analyze all recent Mirai DDoS malware submissions on VirusTotal

Steps:
(1) Pull all of the recent Mirai malware submissions from VirusTotal, identified by the YARA signature;
(2) Push the data to ELK (Elasticsearch, Logstash, and Kibana); and
(3) Create a custom timeline dashboard with all the most recent Mirai malware hashes.

Time	first_seen	Mirai md5
November 28th 2016, 12:49:26.000	November 28th 2016, 12:48:58.000	5849bb9ceefee5ef295e7e966d0ba2b5
November 29th 2016, 20:45:44.000	November 28th 2016, 12:25:06.000	9ba4401c2a4faa8975175498dc1fbfd4
November 28th 2016, 12:25:37.000	November 28th 2016, 12:25:06.000	9ba4401c2a4faa8975175498dc1fbfd4
November 28th 2016, 16:54:20.000	November 28th 2016, 12:25:06.000	9ba4401c2a4faa8975175498dc1fbfd4
November 24th 2016, 01:50:13.000	November 24th 2016, 01:49:39.000	bd3689a91daff90950b0f83aeb7ed503
November 23rd 2016, 10:43:12.000	November 20th 2016, 22:26:52.000	6e2002f8d9a6d372d15d9c9dbe9fe286
November 24th 2016, 14:21:42.000	November 20th 2016, 22:26:52.000	6e2002f8d9a6d372d15d9c9dbe9fe286
November 23rd 2016, 16:59:07.000	November 18th 2016, 11:49:09.000	68933ff0ead688099653de1518632a5b
November 28th 2016, 13:37:15.000	November 14th 2016, 18:17:40.000	cb2b4f743d5125cc4c1e067abc783b82
November 29th 2016, 01:56:03.000	November 5th 2016, 03:38:23.000	e8da1bab26ac3507af1c65ee3796170d
November 29th 2016, 01:55:51.000	November 5th 2016, 03:00:39.000	15adef2c484166480d3684425f1fc0b4
November 30th 2016, 04:08:32.000	October 23rd 2016, 20:36:24.000	b0f48738fddf5c14c474f4bda38d81c1

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

	Peter Kruse on Let’s Learn: In-Depth on…
	mark Johnson on Malware Traffic Internals: Bla…
	Passion on Let’s Learn: In-Depth Re…
	Unknown on Programming Challenge in …
	Hung-Ting on Installing Cuckoo Sandbox on M…

Share this:

Like this:

Related

Leave a Reply Cancel reply