General

  • Target

    3a01ac886c3f3dffed582fa36723aebfb209c1780cd98077b4e5bfff547542ed.elf

  • Size

    60KB

  • Sample

    241109-cybjcsvhlg

  • MD5

    668676d72aaee4a743d15f5f89e9fece

  • SHA1

    a7c77204609022fa6d2b3c14be7a56254377e27a

  • SHA256

    3a01ac886c3f3dffed582fa36723aebfb209c1780cd98077b4e5bfff547542ed

  • SHA512

    7391e5dfb303b9d7ba29f8714846cc725b5e3e06451b69b737ef4902ee4e5e544c0c875dc57a460426d7af3687565eb5ea3a7b7d7a5507e208fc8bf773d68362

  • SSDEEP

    1536:Y7XduYshWhq/HIEy6Og3Nwz9hAy+ud1pnLSM5Tfv83KJGTb6R4Q:qdpssMPR9w4y7RnLXTX83K0Tb6Rf

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      3a01ac886c3f3dffed582fa36723aebfb209c1780cd98077b4e5bfff547542ed.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
