General

  • Target

    545bd0db3deb31a498aba5ccb32dfa8e0a477f01f707c4df16f9a3f3b308d3ff.elf

  • Size

    38KB

  • Sample

    241109-c5t92syjhk

  • MD5

    afa9f3a3f3ace7c530ca65c5177f62ef

  • SHA1

    ebabd9cd095b56b77eb23c9d2262130f07c8ca29

  • SHA256

    545bd0db3deb31a498aba5ccb32dfa8e0a477f01f707c4df16f9a3f3b308d3ff

  • SHA512

    533d055f514ee835dd24963ef885a48d79eb16fbe880a0fc53d19865bff3d0bd7f30c7ebd1729533e7dd0396f7f27b97abf63c4bb1c572acf12721d097d02ef7

  • SSDEEP

    768:OBKNWbxNdoZd64sVhUQX9bS9CL+v7TqvnGQre6warL5/+qEn9+eEs3UozOh:QQiDdY4hUQNb/yv72vnGFpaH5/qVhzOh

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
