General

  • Target

    ec089e002f2339db285e95060d5a84d827da635a631b68951999ad56393903fa.elf

  • Size

    85KB

  • Sample

    240906-cbb7dazgnf

  • MD5

    1981f2cfcd1d1de5bdd99d039380d106

  • SHA1

    20f6431b9b900b1de38e8854b3694da4ab4cb6ae

  • SHA256

    ec089e002f2339db285e95060d5a84d827da635a631b68951999ad56393903fa

  • SHA512

    b594c175864c25cd1e1dc9c6f19c849cef8567061eb38bd6ee6937a9eda29ce2ed4fe7c7b835bf7402ef4c58cbc302f6905177c95e0d92fa81b79c3f5b49e4aa

  • SSDEEP

    1536:i+tfuSpj5F5mmIonZIpfeMNAYOCAIWjzIWlKC03MamTy/w2rRu/BVredYqt:i+XZ5F5mtonZIpmMYIWFsC03MRTAw2r/

Malware Config

Extracted

Family

mirai

C2

www.india-scam-call-center.pw

45.152.112.46

Targets

    • Target

      ec089e002f2339db285e95060d5a84d827da635a631b68951999ad56393903fa.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
