Resubmissions

06-09-2024 15:08

240906-sjb5catdjf 10

05-09-2024 17:49

240905-wegqtawemk 10

General

  • Target

    ed5e50549d1da4c05a9143a75ab15b8ebc78b95350add7faad67cb1fd1b241d0.zip

  • Size

    48KB

  • Sample

    240905-wegqtawemk

  • MD5

    a30aa5a7e71c538eb776de7a8ca248b9

  • SHA1

    7626b23c2872be069183fd66c2ecc61d5a0dc937

  • SHA256

    a20c0c625ad8132bbdf45941fbe9f8fa74e48f268c69ba79a9147d64edafc388

  • SHA512

    dfe85b03fa6cd1ed505006ec04cff6854c65164dc324f7e150339adec51841c797d4ed30fb24f9dc22d20dc592952f2a4be69feb950462990c2dc157e8758687

  • SSDEEP

    1536:AZcweISMJqiuvKVWaTFoUIhNakF1I5EYAp:AO9W0iuvKVObNakFWHAp

Malware Config

Extracted

Family

mirai

C2

www.india-scam-call-center.pw

www.akck.ru

Targets

    • Target

      ed5e50549d1da4c05a9143a75ab15b8ebc78b95350add7faad67cb1fd1b241d0.elf

    • Size

      116KB

    • MD5

      4c21b385c05e1d586096cf82855e5d62

    • SHA1

      edc0ae024e8347aec929531e59bd0740d907f2ab

    • SHA256

      ed5e50549d1da4c05a9143a75ab15b8ebc78b95350add7faad67cb1fd1b241d0

    • SHA512

      49d68890ca72a3b3416f22742037ddaa01cb009cef8cea5fa1d1a2a1432d9d80eebf0b1a10fdc1aed1b33094055c635b24e1bac043def4b6675d1eacf779dfb4

    • SSDEEP

      3072:rVqXenwFWWbDxBcqhWrfyuselz1lPLf/wIH2U:oXen+WWPcqhWrfyu1DpLf52U

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Writes file to system bin folder

Tasks