General
-
Target
mpsl
-
Size
33KB
-
Sample
240414-sgj26scd2s
-
MD5
bf258297d167054f2e6eb0663ec8112e
-
SHA1
b8c339df5c160fefd0d074f38090e4f7bb6c7f7f
-
SHA256
396727615b18e1cb701c77fd5c85d7f33734ced97a9ecd930cc4d5c9590b3d01
-
SHA512
ba01240a4ebe685a58b232ebea07320cab6572dbd6ae848e9fb09dfccbff7618f534577cf7cd6e968c499f16ea84203053471fe035434238aea8452059fa950f
-
SSDEEP
384:ej1iuHGHYf5iuK/qSY6ZFTMLRisYOee0Cr3LWL59AlLDvX9QDB0EG7jD+QBTmixW:eBHb5iuKpiYORpWoZTaojjTpH3WJ
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
mpsl
-
Size
33KB
-
MD5
bf258297d167054f2e6eb0663ec8112e
-
SHA1
b8c339df5c160fefd0d074f38090e4f7bb6c7f7f
-
SHA256
396727615b18e1cb701c77fd5c85d7f33734ced97a9ecd930cc4d5c9590b3d01
-
SHA512
ba01240a4ebe685a58b232ebea07320cab6572dbd6ae848e9fb09dfccbff7618f534577cf7cd6e968c499f16ea84203053471fe035434238aea8452059fa950f
-
SSDEEP
384:ej1iuHGHYf5iuK/qSY6ZFTMLRisYOee0Cr3LWL59AlLDvX9QDB0EG7jD+QBTmixW:eBHb5iuKpiYORpWoZTaojjTpH3WJ
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Changes its process name
-
Deletes Audit logs
Deletes logs related to the Linux Audit framework.
-
Deletes itself
-
Deletes journal logs
Deletes systemd journal logs. Likely to evade detection.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-