General

  • Target

    b2b16637d918ec3aaa28e29c56c13bf17ae21caffc56bd3c027bad15b984576a.elf

  • Size

    85KB

  • Sample

    240906-b3k3xsyhjj

  • MD5

    6d1cba0c7fee81061b4e985aaec213bf

  • SHA1

    c9851327d522bca19a875ee54735367a20af5113

  • SHA256

    b2b16637d918ec3aaa28e29c56c13bf17ae21caffc56bd3c027bad15b984576a

  • SHA512

    37f965a2978d9ecb861787014851d315716802408c368fdcc9e83419ef7e6b7409bea9a4df6a053a2f4a1352c40c3188953ab3a527deeb8a657f43104bc7470c

  • SSDEEP

    1536:CmZ0U1rFJDodRzwa+aVviJkRio8DszRy3YhtD0NXuM151jUx2lg9LbxUPaRES/Ad:XZzrJ87zwzaVvvJddhtD0YM151jUx6iS

Malware Config

Extracted

Family

mirai

C2

www.india-scam-call-center.pw

www.akck.ru

45.152.112.46

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Writes file to system bin folder
