General

  • Target

    2d4784d083074f0e00f247c21293386fba5a3a5c92e4c409120486c42d370fa9.elf

  • Size

    118KB

  • Sample

    240906-bgvp8sxfnn

  • MD5

    d5acb40d2a6543745bf1af0c9aab09c0

  • SHA1

    4e3cf253e4c99916bbcd094bf894894c8324def9

  • SHA256

    2d4784d083074f0e00f247c21293386fba5a3a5c92e4c409120486c42d370fa9

  • SHA512

    a5b6e1d9100f7b7da437f300e55f8a17e37c4f0a749db85ae964baa7170cfdaa8713f4b6d9f345bc8cb77c82a014748306ce058210904183b5a7029ad8aee538

  • SSDEEP

    1536:AkmPmLSvpLF/X1viOhB0mIvJnzshnJRaCtG6COzXLxjHomlUnjjDSHEBgR47ZIwv:816OEJnOJRJtG6COzkrScgR47YeIuS

Malware Config

Extracted

Family

mirai

C2

www.india-scam-call-center.pw

www.akck.ru

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Writes file to system bin folder
