General
-
Target
20d263bd6e0552cad17ec45eeff1844b.bin
-
Size
37KB
-
Sample
240417-bgm1dshd28
-
MD5
c08242ae956c8b9575dd5e33bcef1cb4
-
SHA1
aa1dab21bbfb37ad18671f2256fb2690b846089f
-
SHA256
b89e29063ba0dbe95a2090399595668817473361c96ef622d143ec7980cddb1b
-
SHA512
61e772eb91428cf2e1f898c1d1cf694bb7cfdb4a3d2e5ed318568fe78950dd9d4789659ec3ae141aa72386e87a12d21ac73037a596601df49c7f260986c97b28
-
SSDEEP
768:l5NAcoMFbz+7WPgeRue+yctkQX02K+RubYkYSLz4AfQEqflRiDT0FqVpr:GM51PRUeTcuQDA09mHpe0pr
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
648fcb9bac190539eda0026332834bb94f935c3c2817864d8d26f21bdd35989b.elf
-
Size
74KB
-
MD5
20d263bd6e0552cad17ec45eeff1844b
-
SHA1
67a23901d5f3276ba4e8c95c21aeb79ca584a36a
-
SHA256
648fcb9bac190539eda0026332834bb94f935c3c2817864d8d26f21bdd35989b
-
SHA512
f721ddcbcb19d22057d8a4b7402fa8d852872b3df3de18a13b8c983407fb29cd06ef7b9c35c4c50a179ac98fd2e70296806487fc59d4a9e291fa248662ac5eef
-
SSDEEP
1536:EUPldq0TJFnqXKvdo7DYZXjs56tbWuhyN/XemIdRI1R+5vY1SLq7wTVVi:9NdDznqoK7D4s5UWxem0I1R+JeSOcTf
Score7/10-
Changes its process name
-
Deletes Audit logs
Deletes logs related to the Linux Audit framework.
-
Deletes itself
-
Deletes journal logs
Deletes systemd journal logs. Likely to evade detection.
-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Deletes log files
Deletes log files on the system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads CPU attributes
-