General
-
Target
miraint.mpsl.elf
-
Size
69KB
-
Sample
240702-e5dy6szckn
-
MD5
f6ee7f4c0cb499b494fb87cf4c5fd229
-
SHA1
290b3e4af244cd0c8eb5ca358247e828c340639f
-
SHA256
93e4ec4cd498db44cb166868d00f8464d89a5bac7fcdc76115d96bdddabffdc0
-
SHA512
0fd77e13e8a7106ed4e4b5efacc2259655d701b54fc0b77a089e54f32ae0af53ebc2e220a036970358eb75f1ff4154cb2220092e68a2223816cbea06f47001ee
-
SSDEEP
768:CDScD5GY2naf8i2Sxt9yYExR15IP+I5vTemle5Re5bLvu35XiANe1j95E:CDSC5G9afb249FKbI5fl8RWbbyq1
Behavioral task
behavioral1
Sample
miraint.mpsl.elf
Resource
debian12-mipsel-20240418-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
-
Target
miraint.mpsl.elf
-
Size
69KB
-
MD5
f6ee7f4c0cb499b494fb87cf4c5fd229
-
SHA1
290b3e4af244cd0c8eb5ca358247e828c340639f
-
SHA256
93e4ec4cd498db44cb166868d00f8464d89a5bac7fcdc76115d96bdddabffdc0
-
SHA512
0fd77e13e8a7106ed4e4b5efacc2259655d701b54fc0b77a089e54f32ae0af53ebc2e220a036970358eb75f1ff4154cb2220092e68a2223816cbea06f47001ee
-
SSDEEP
768:CDScD5GY2naf8i2Sxt9yYExR15IP+I5vTemle5Re5bLvu35XiANe1j95E:CDSC5G9afb249FKbI5fl8RWbbyq1
Score7/10-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-