General
Target: SecuriteInfo.com.Linux.Siggen.9999.7014.17279.elf
Size: 27KB
Sample: 240423-bwt29aba6z
MD5: 67411953a1abafcb7bece7e975202533
SHA1: 9c9e2e8844056ea7de03a47f4718e17b4a359ee3
SHA256: 90ceb94118e058724436556bb5979fcb5053b11a0f6b693dbcac0f772918ae65
SHA512: a6ece3c53c438e48a9dfe3cc88a0b41838c1f88a0e793c3f33d1f2f877ba7b28c746d446b0aa8807ec4402efa86bf6cbc2e64322da800b9e7dff20b6b31bf7d1
SSDEEP: 768:yoltRHOi0optXiZ09WU0qHyerhZYRYKzYKjMJgGlzDpbuR1JT:Plf3ptXiW939OVYKjEVJup
Malware Config
Extracted
mirai
LZRD
Targets
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates running processes
Discovers information about currently running processes on the system.

Writes file to system bin folder