General

  • Target

    5r3fqt67ew531has4231.arm7.elf

  • Size

    63KB

  • Sample

    241110-m1na2sylcm

  • MD5

    22c9f30b8bde9bf919ea52dd6a3cfd56

  • SHA1

    7b1edc3e5ca751c164378d4912c5f24f904a6b3d

  • SHA256

    06f3e351dbe2269d2fe0c6fce63553b85131c8c9d0fee08b33b0f9a7233db68e

  • SHA512

    e9ff3ddd153f541b9974f6dad0c47427299addb97d0a634b9fc7e4d6f676a587419a4d47590551426a3d256daac5160d6c0105ee2edd3cf3418e0d7facd62fef

  • SSDEEP

    1536:7XLl7KApuSK7F/9nKKDfwCd1k7kHwhDZgw7bVKZiCeud9:7bl3w97FIKDfDkHhDJkJei

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Contacts a large (198542) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.
