Overview

overview

10

Static

static

10

6c7e5641ef...f7.elf

debian-9-mips

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7.elf

  • Size

    123KB

  • Sample

    240229-f7aj7sff59

  • MD5

    bae0c9d003927c8a3d45bc9c037375f7

  • SHA1

    8eeb9e9c7adbab720d41a9f9be11b36a60a6e43d

  • SHA256

    6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7

  • SHA512

    386bafce421a1e1d5881a0d4c2dbdfa0f58c5b46b85130862f976f076e04e9f3f2488be19c1415b9ef71ded6bd6aeed980677c5776a8035594ba7e5333e14ad4

  • SSDEEP

    3072:0rG6r/Jvx96mBPYEHL7Tg1UjBEEGUBGxIr7M+jQ199n:qGw/Fx9ZBPtL756Gkf99n

Score
10/10
mirai

Malware Config

Targets

    • Target

      6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7.elf

    • Size

      123KB

    • MD5

      bae0c9d003927c8a3d45bc9c037375f7

    • SHA1

      8eeb9e9c7adbab720d41a9f9be11b36a60a6e43d

    • SHA256

      6c7e5641ef487524708c94c585d8575bee343c25e1fabcb2b49e9ae26849e5f7

    • SHA512

      386bafce421a1e1d5881a0d4c2dbdfa0f58c5b46b85130862f976f076e04e9f3f2488be19c1415b9ef71ded6bd6aeed980677c5776a8035594ba7e5333e14ad4

    • SSDEEP

      3072:0rG6r/Jvx96mBPYEHL7Tg1UjBEEGUBGxIr7M+jQ199n:qGw/Fx9ZBPtL756Gkf99n

    Score
    7/10

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks