General

  • Target

    587f7aa445ae84292cd3b776daa2bfcf8241f84c45adbc922cb318d4dffbaa8a.elf

  • Size

    43KB

  • Sample

    241109-c6lpasvlgy

  • MD5

    1ba37afe08507c0764e794cd7fcb77ca

  • SHA1

    a4a024a2c4eaa8807378d5cc940ad27f2b03e9a9

  • SHA256

    587f7aa445ae84292cd3b776daa2bfcf8241f84c45adbc922cb318d4dffbaa8a

  • SHA512

    f97dbdb785a6099638ff11c3fd4635f0f18675eb0cef0c5fd56d6d4796a5bfdb94be8f539727e4c551050bab2cee683668e941f2a82f099aba0d79e9209d6c41

  • SSDEEP

    768:31ZyKJoofyfTtMLfclRAAO+jVbumZnLM3XgcTaWS5HOF/MMga9q3UELr:HbjjOAgfnLGRMO10PLr

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Target

      587f7aa445ae84292cd3b776daa2bfcf8241f84c45adbc922cb318d4dffbaa8a.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
