General

  • Target

    na.elf

  • Size

    45KB

  • Sample

    241014-swxlta1gre

  • MD5

    ea1b1c806e9fd39bf43bb4a5c57f30de

  • SHA1

    a8509a6ee49272cc8f06f646c8734b49687ed5d1

  • SHA256

    4accf6c7dc3b8474cd215dae2116fedb9dcd0e6069061f094162969300e47262

  • SHA512

    b1103efefa7c38cba461f9d04f24087d1a3ab595f2b06156bca9ce814a61f2ba735fbe10eaf82f4a7120cadf9b9f19625e107d43d4147d4ee407c9bd8fc22c88

  • SSDEEP

    768:g/TYCoIxdEk+AxoTZAZHFeq8b324T9q3UELbUXfi6nVMQHI4vcGpvg:gECFd+A6YHAx2BLRQZg

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      na.elf

    • Size

      45KB

    • MD5

      ea1b1c806e9fd39bf43bb4a5c57f30de

    • SHA1

      a8509a6ee49272cc8f06f646c8734b49687ed5d1

    • SHA256

      4accf6c7dc3b8474cd215dae2116fedb9dcd0e6069061f094162969300e47262

    • SHA512

      b1103efefa7c38cba461f9d04f24087d1a3ab595f2b06156bca9ce814a61f2ba735fbe10eaf82f4a7120cadf9b9f19625e107d43d4147d4ee407c9bd8fc22c88

    • SSDEEP

      768:g/TYCoIxdEk+AxoTZAZHFeq8b324T9q3UELbUXfi6nVMQHI4vcGpvg:gECFd+A6YHAx2BLRQZg

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks