General

  • Target

    zmap.mpsl.elf

  • Size

    94KB

  • Sample

    241102-p1rpksvdmk

  • MD5

    b4458e4fa2efcf88bfa2aaeda864519e

  • SHA1

    8263798736379ed4ce23ef75e4d1f606e05c815b

  • SHA256

    146ef07d918f77546ba8112e9f307361f9d54af4886dba7fc4ba9e58bc8c5d47

  • SHA512

    4aa6068f6e3ed09c6706c37f046cd4081a5c7de3e307860e67ff9fff426a281f33dbb027bbcb36b0fd9df6dccd083308d78f43948009ccdcc3676ed4ff063010

  • SSDEEP

    1536:IIdgIHlIodXYtj7eLM/eNLNnCt2ZIzAFy4JZ1BV6I5W/CQ:IIdgIHlIo4mLNCt2ZPFbJrYKQ

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

    • Target

      zmap.mpsl.elf

    Score
    7/10
    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder
