General

  • Target

    8649b803640a4d45789c6a6fcc07de684041aaba9963bdbc1607f066f05b208f.elf

  • Size

    22KB

  • Sample

    241013-byl5essdqh

  • MD5

    034886471e8ee7232e2eaa18c3da60a8

  • SHA1

    d371604934c4ec6c48f9679853f5b213e74a5617

  • SHA256

    8649b803640a4d45789c6a6fcc07de684041aaba9963bdbc1607f066f05b208f

  • SHA512

    2bf8f513faab5d636d3e33202346f55041f279880328828c24604e8bf6107a2c6374fcd93196b4eba343d414e60ac1031d17057fcf42b7e512240ed20fcaf6ec

  • SSDEEP

    384:CDYC95A2rM7RjFrvX2V6H2XJ8LaHYsbXxhNuzURrj52Jb8xe3p6CTG6QfD26cuiv:CDZ5Dw7RjFjcU+O24sD5uARW/Z6nsP

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
