General
Target: SecuriteInfo.com.Linux.Siggen.9999.28296.16277.elf
Size: 23KB
Sample: 230808-t1cymsea26
MD5: 8bad1155b556fca8d3d9433c87a9f0e1
SHA1: a20c79546003dc1d47190c67ff1e579ff5d20ca5
SHA256: 09081df20d420754042ac549b8abd72b004227b9ff269259643524d044f41ba1
SHA512: dc3c1cd5aa7d3a18a9ce39c2609565b42ea718adf6d7fec799bd2cae0b1330e9ca1a41da22a77dea29df2faaf1dee2662972b508380234a123424e818fe337cc
SSDEEP: 384:+8CiWwqONsP1gznEg78L7TZhedY5Mwbo/uTwqBTkWNDEvi+VqmfXFJgGlzDpH7uw:+riYONxD6Kx9uTt/NYvRVqeXFJgGlzDJ
Malware Config
Extracted
mirai
LZRD
Targets
Target: SecuriteInfo.com.Linux.Siggen.9999.28296.16277.elf
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Writes file to system bin folder