Overview

overview

10

Static

static

10

f3f909238b...66.elf

debian-9-mipsel

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f3f909238b26928d0587e272fc702866.elf

  • Size

    97KB

  • Sample

    240419-s9wxfagc58

  • MD5

    f3f909238b26928d0587e272fc702866

  • SHA1

    aa2a80dc9db8553ea5e17958130662955ade4e10

  • SHA256

    7452a8cd6d737917f4d19adcef67e8cc47b643da9d703a37fb2af6644a78edc1

  • SHA512

    2b09a7fd4391dd9bc48314eaaa75a40eabe8b7332099da2525193cb5f79a0b8d654de0d668fc35806f8fe45bdfa21095f1411c9fe29cbf85eb605bee6d154085

  • SSDEEP

    1536:8wPBYpO2CUIO2/M+LIjrqr1oNgfR34b7ZZ/myEhmJ:8yBYpO2rI/u2R3C7gcJ

Score
10/10
miraimiraievasion

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      f3f909238b26928d0587e272fc702866.elf

    • Size

      97KB

    • MD5

      f3f909238b26928d0587e272fc702866

    • SHA1

      aa2a80dc9db8553ea5e17958130662955ade4e10

    • SHA256

      7452a8cd6d737917f4d19adcef67e8cc47b643da9d703a37fb2af6644a78edc1

    • SHA512

      2b09a7fd4391dd9bc48314eaaa75a40eabe8b7332099da2525193cb5f79a0b8d654de0d668fc35806f8fe45bdfa21095f1411c9fe29cbf85eb605bee6d154085

    • SSDEEP

      1536:8wPBYpO2CUIO2/M+LIjrqr1oNgfR34b7ZZ/myEhmJ:8yBYpO2rI/u2R3C7gcJ

    Score
    7/10
    evasion

    • Changes its process name

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

      evasion

    • Deletes itself

    • Deletes system logs

      Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.

      evasion

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

3
T1070

Impair Defenses

1
T1562

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks