General

  • Target

    8d1a4d26bd035ddf427fa6fd5cf952f42e4d67532aef3fbb26e55323beffe4d1.elf

  • Size

    77KB

  • Sample

    240906-bwzyhazamh

  • MD5

    54c0d30fb5d9d522de14c85259931db6

  • SHA1

    579785fb352adf88385620ac6b47489f52d968a2

  • SHA256

    8d1a4d26bd035ddf427fa6fd5cf952f42e4d67532aef3fbb26e55323beffe4d1

  • SHA512

    964940d1dc117e0dc4ecd2938dbbcc5474197a17eac93e091517a6055f867505acbb9db8ba27b2f3cf91e0ef4d4cd0238cb67d875a8b45a67c4805ed622c97f9

  • SSDEEP

    1536:mzUxJ3Z9XOGtmP7sswSozS65Jnn5DlgJ3ha0WzEOreEE/Jkrhq:pxZZ9XOGM7sdSo+65JnnngJ3hXWY2NMz

Malware Config

Extracted

Family

mirai

C2

www.india-scam-call-center.pw

www.akck.ru

45.152.112.46

Targets

    • Target

      8d1a4d26bd035ddf427fa6fd5cf952f42e4d67532aef3fbb26e55323beffe4d1.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
