General

  • Target

    928cc6c6da15f3e8df4b213fdcdb3bf7891368b36a8e8dc3eb8e9bbb513c325d.elf

  • Size

    60KB

  • Sample

    241112-nn4mya1hqr

  • MD5

    bb82428ecfa3e8da73e8e17da7024716

  • SHA1

    8814932fc5637930077f823d9e67601411d196e5

  • SHA256

    928cc6c6da15f3e8df4b213fdcdb3bf7891368b36a8e8dc3eb8e9bbb513c325d

  • SHA512

    14381d9a600ac1f05fbc7c59d39021c761889bbcfc73d8d0fe90adca204fac647d4288bea475eeb46dfd3be673e0d79b289faaccc27728795fc5f75181939eeb

  • SSDEEP

    1536:HlfdBc1C1Eocmq0qWSBN1/wNfTBsebQma:HlE1C1Eo1q0TS31/I+ebt

Malware Config

Extracted

Family

mirai

C2

193.84.71.119

89.190.156.145

Targets

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads process memory

      Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
