General

  • Target

    e1e9e081c9e730efa06ba1ae1c93a8960f6f7730f902ac824c2835dec901964c.elf

  • Size

    117KB

  • Sample

    240906-b9dx7azbrr

  • MD5

    4a562992cfe96cca14e9ae680caf1064

  • SHA1

    8b50ff3f0f4f77431f083d1f527361ced31e228f

  • SHA256

    e1e9e081c9e730efa06ba1ae1c93a8960f6f7730f902ac824c2835dec901964c

  • SHA512

    1e606c5d99fa9958da72a80d2e182b596819a98d0a8852514a3fee01e907a526a7300c10837342535051e72082b029b3f33bd32b81bc45c805f8be3c9f83a6b3

  • SSDEEP

    3072:AVDvu7a0GkH8XcaUJrfhZVNFNITaKW7lJwY7:Ac7axkHYcaUJrfhZLFNbKylOY7

Malware Config

Extracted

Family

mirai

C2

www.india-scam-call-center.pw

Targets

    • Target

      e1e9e081c9e730efa06ba1ae1c93a8960f6f7730f902ac824c2835dec901964c.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Writes file to system bin folder
