General

  • Target

    na.elf

  • Size

    23KB

  • Sample

    241014-swxa2swbnn

  • MD5

    eae531099c0da1b0b60bb8de4f3be910

  • SHA1

    09037cb42de01a7b8d71f564fe7a7c66c8f20029

  • SHA256

    fe4224c421f53e3cb8eda46a83be7ab1bdb881e7cd6e379cad0248fbfe64758d

  • SHA512

    67f73e1360c76e29df411e0afdb4b0363eee13d4ffab5100015feae7133aaa82dded9ef6d03b8b9857f680a6c88a192f14c5e12e4dae2ac4e015a3b9c825e52e

  • SSDEEP

    384:neD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiXnG3mdzJgGlzDpH7uNj1h:neD8ZSWvZHZbs1row697qohQvg9XnG3j

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      na.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder
