General

  • Target

    5a8057537df065a127a5615dc62c404a8e302e4a49c16418ac0ea667e6968ef1.elf

  • Size

    77KB

  • Sample

    240703-bpjypstgmr

  • MD5

    6461ab227ad81e27971b6aa6a7005eb5

  • SHA1

    5702b5b76de439b30b0b6f1acce89af608441b59

  • SHA256

    5a8057537df065a127a5615dc62c404a8e302e4a49c16418ac0ea667e6968ef1

  • SHA512

    f8a249c631375c9dc9ffe6f22adeafdff74c53ee2c15a9d9c37fd184ae1442deff1774d8910948e98d558e33e0f9a99eca8ed26a1ceb0756a06c5be7536d5059

  • SSDEEP

    1536:G4Z8LUay6+vl/R1KIdysUmR9EiYHXwqdtV1qAX5jjET6:B6ry6+vdGIdysUKStV1PXxjI6

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      5a8057537df065a127a5615dc62c404a8e302e4a49c16418ac0ea667e6968ef1.elf

    Score
    7/10
    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from the /proc virtual filesystem.
