General

  • Target

    beaeb0bc06826cd38c5ca522365dad1a9463defdd9767aa8c04edf464ae38fd0.elf

  • Size

    52KB

  • Sample

    240810-b322fatfpd

  • MD5

    cf8e2ae50926d7fdeb626ba034ddfd5a

  • SHA1

    ebcbacadb31db36fc8cc7a69c5b244ab35fe0437

  • SHA256

    beaeb0bc06826cd38c5ca522365dad1a9463defdd9767aa8c04edf464ae38fd0

  • SHA512

    2c96d21c68fe011a7fae761ad692756f36d0630ceb21e9621ca0f43fe0a0e342cfade03b34a76dbe02ef5fc9fb5a1bcd1132d04ea92d8e1c495f6c25d017de7d

  • SSDEEP

    1536:f/fQx7LSrHzswsw5bxrLWdR5tgZ6c9otO:P27Oi+xrLsrtgZ6OcO

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      beaeb0bc06826cd38c5ca522365dad1a9463defdd9767aa8c04edf464ae38fd0.elf

    • Size

      52KB

    • MD5

      cf8e2ae50926d7fdeb626ba034ddfd5a

    • SHA1

      ebcbacadb31db36fc8cc7a69c5b244ab35fe0437

    • SHA256

      beaeb0bc06826cd38c5ca522365dad1a9463defdd9767aa8c04edf464ae38fd0

    • SHA512

      2c96d21c68fe011a7fae761ad692756f36d0630ceb21e9621ca0f43fe0a0e342cfade03b34a76dbe02ef5fc9fb5a1bcd1132d04ea92d8e1c495f6c25d017de7d

    • SSDEEP

      1536:f/fQx7LSrHzswsw5bxrLWdR5tgZ6c9otO:P27Oi+xrLsrtgZ6OcO

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large (20716) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

MITRE ATT&CK Enterprise v15

Tasks