Overview

overview

10

Static

static

10

1acff51c52...45.elf

debian-12-mipsel

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    1acff51c52f90955d6b5f1767389068db9d143bfbe0b9d0ba05ddf29676c0345.elf

  • Size

    130KB

  • Sample

    240906-f3hp1sycpj

  • MD5

    8c5bfcde593b69226c0b257c632627dc

  • SHA1

    7290a1be4f038f61b48e5d20d960d4ea9c9a43d4

  • SHA256

    1acff51c52f90955d6b5f1767389068db9d143bfbe0b9d0ba05ddf29676c0345

  • SHA512

    b8277d934fa4b8df5890da6f2c9cb6e47bb3a6736ad11544049e5b7c10ff0e0d6ef3a347457824510040544e84d3a76be5848f257dd3a56efa68635f105ebb74

  • SSDEEP

    3072:T3oB0rBo7fvG802OWvUG0jMsJ0paEQ8myLQDac:TNS7fuLG2TJLEpmyL0ac

Score
10/10
miraibotnetdefense_evasiondiscoverypersistence

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      1acff51c52f90955d6b5f1767389068db9d143bfbe0b9d0ba05ddf29676c0345.elf

    • Size

      130KB

    • MD5

      8c5bfcde593b69226c0b257c632627dc

    • SHA1

      7290a1be4f038f61b48e5d20d960d4ea9c9a43d4

    • SHA256

      1acff51c52f90955d6b5f1767389068db9d143bfbe0b9d0ba05ddf29676c0345

    • SHA512

      b8277d934fa4b8df5890da6f2c9cb6e47bb3a6736ad11544049e5b7c10ff0e0d6ef3a347457824510040544e84d3a76be5848f257dd3a56efa68635f105ebb74

    • SSDEEP

      3072:T3oB0rBo7fvG802OWvUG0jMsJ0paEQ8myLQDac:TNS7fuLG2TJLEpmyL0ac

    Score
    7/10
    defense_evasiondiscoverypersistence

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

      defense_evasion

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks