General

  • Target

    0842c61836702a0076322f2b7d544573.bin

  • Size

    30KB

  • Sample

    240403-bc51eaba85

  • MD5

    f326b430a97e61e6e5fee522aee7c09f

  • SHA1

    49ff9654ecb1ab0db67c8db67afbeb91826a90fe

  • SHA256

    a4349c07a52887766fcd68c89355d398065fbbc81180e6a800c0844de373af0e

  • SHA512

    da750bd67e35c7d1d8db35b9cb1348d393ba9b81c45046e8593f6cc7a773c6cb8a19acc5237449e6b36f2bfca651b3bbe7da5b94f57661c1ce204a4702019b61

  • SSDEEP

    768:jFxYIquORyXgndKy0j8YWLdOPKDPiC6CjN1VjkOvW:4ZuOkTLsLdOPKbiC6MNjjkcW

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      42c1afa196dd457a3c9ec69e786c029b7b98f0b5be4041cfbd8b2910352435eb.elf

    • Size

      30KB

    • MD5

      0842c61836702a0076322f2b7d544573

    • SHA1

      f5abaa6bd4119636147e1bbb74407f097d8509f5

    • SHA256

      42c1afa196dd457a3c9ec69e786c029b7b98f0b5be4041cfbd8b2910352435eb

    • SHA512

      493bb8235286e258af22211a2c29a051780f2397c9bf76fff5b5bd6f7a9e9906a8e80d93bb8a7aeea7e0b3bca65e8886796d21a671e8ecb10f7ef8570feb52a5

    • SSDEEP

      384:MpS56NYte96zrpEQQJM73j1AMjtA0/cp/M86ShEbrB0by26zqyTAuErDNu+v1RB:9JlEQAMn1AQ4y8vhkl0mJqYAN/NRB

    Score
    10/10
    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Changes its process name

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
