General

  • Target

    31b8d1ee9bbbd136b26d1000b3353234115913f90da88389b03ff5b2825d1cd0.elf

  • Size

    24KB

  • Sample

    240522-bpa1ssfh8v

  • MD5

    c36198cf6a51d72798e6cc13f0c4609f

  • SHA1

    e7b264afd633f6ebc5ee9d11b21da74195f008d1

  • SHA256

    31b8d1ee9bbbd136b26d1000b3353234115913f90da88389b03ff5b2825d1cd0

  • SHA512

    5a5d63e7f9ba9de073bb90a76f71bcf786e51744d4c5a1c401fae4702b4308c2a81b8a1d7d24280813d2d64a479b31b11bf325adc397d81f353473e274315d7e

  • SSDEEP

    384:hkU3Sq+7RxrsPdUrQ8RwHP5s9MJuDITs6fRkW8LqJC+GbF1pxiqEN25M5B7hN:qxgPdsyHP5g7DkTaW09bFTQNGMf

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Target

      31b8d1ee9bbbd136b26d1000b3353234115913f90da88389b03ff5b2825d1cd0.elf

    Score
    10/10
    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks