General

  • Target

    ca66e7e3b88774b516cdb586873f168b21ef248db92a3497201669cbd801d28f.elf

  • Size

    48KB

  • Sample

    240703-c2575stajh

  • MD5

    631add36e35f90dfb79cee256fc63821

  • SHA1

    d0e5d022b20fcdbee1a22051de5af92934abda5e

  • SHA256

    ca66e7e3b88774b516cdb586873f168b21ef248db92a3497201669cbd801d28f

  • SHA512

    2008ca6b4410c20ef709bba6971c80381400a28b711f8e39e82d025490bf0413134e5e012433f882a7f6d796717a1b5d164ba1f6536e5de98b153d4192c47aef

  • SSDEEP

    768:Ii+liNWE5NttVEi4Ws5BkbVTco8UNPWfd/0g6SDZk1oo:IiK25NttVEi4WszsVTcqWV/0g6OZk

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      ca66e7e3b88774b516cdb586873f168b21ef248db92a3497201669cbd801d28f.elf

    Score
    7/10
    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
