mirai | 8d052af0e3ec4e7fdb79975cadc002f7e0182793d15fa52c62604d3b402fa1d8 | Triage

Sharing

General

Target

2bc28bfff62f58211afa492fbe15c8d5.elf
Size

60KB
Sample

230704-qsyctsfa9y
MD5

2bc28bfff62f58211afa492fbe15c8d5
SHA1

eebf820b7c8afbbfdc07a967fd75c462ef358ec4
SHA256

8d052af0e3ec4e7fdb79975cadc002f7e0182793d15fa52c62604d3b402fa1d8
SHA512

89b5aaf8f57722c6e8652d09ad5a435a86a9e2c496ce1101ed066c4f717033de5b0bacde22da4b7a0e2ac1f75e1ad87e941e100f496a0b991f7928419ca3b130
SSDEEP

1536:ESEKY4Jzjw+Qld5UIqZEZtY+fq++dHgVwRe0Hcl2x:m+s+Qj5UIqZEZtjfqLAVwRexl2

Score

10^/10

mirai linux

Malware Config

Extracted

Family

mirai

C2

cnc.nulling.to

Targets

- Target
  
  2bc28bfff62f58211afa492fbe15c8d5.elf
- Size
  
  60KB
- MD5
  
  2bc28bfff62f58211afa492fbe15c8d5
- SHA1
  
  eebf820b7c8afbbfdc07a967fd75c462ef358ec4
- SHA256
  
  8d052af0e3ec4e7fdb79975cadc002f7e0182793d15fa52c62604d3b402fa1d8
- SHA512
  
  89b5aaf8f57722c6e8652d09ad5a435a86a9e2c496ce1101ed066c4f717033de5b0bacde22da4b7a0e2ac1f75e1ad87e941e100f496a0b991f7928419ca3b130
- SSDEEP
  
  1536:ESEKY4Jzjw+Qld5UIqZEZtY+fq++dHgVwRe0Hcl2x:m+s+Qj5UIqZEZtjfqLAVwRexl2
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1