General

  • Target

    ed5e50549d1da4c05a9143a75ab15b8ebc78b95350add7faad67cb1fd1b241d0.elf

  • Size

    116KB

  • Sample

    240906-k96smsybkj

  • MD5

    4c21b385c05e1d586096cf82855e5d62

  • SHA1

    edc0ae024e8347aec929531e59bd0740d907f2ab

  • SHA256

    ed5e50549d1da4c05a9143a75ab15b8ebc78b95350add7faad67cb1fd1b241d0

  • SHA512

    49d68890ca72a3b3416f22742037ddaa01cb009cef8cea5fa1d1a2a1432d9d80eebf0b1a10fdc1aed1b33094055c635b24e1bac043def4b6675d1eacf779dfb4

  • SSDEEP

    3072:rVqXenwFWWbDxBcqhWrfyuselz1lPLf/wIH2U:oXen+WWPcqhWrfyu1DpLf52U

Malware Config

Extracted

  • Family

    mirai

  • C2

    www.india-scam-call-center.pw

    www.akck.ru

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Writes file to system bin folder
