General

  • Target

    d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866.elf

  • Size

    58KB

  • Sample

    241112-qdvcmatbqq

  • MD5

    15002dd354fe9805a35c818e599cd195

  • SHA1

    87ecc7e747938a21b6d97a8bbbe0929ae1fe1ebd

  • SHA256

    d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866

  • SHA512

    68dfc26bab44c722982c39db51604bda04972f64a3ebac4ed29ec4da20c9ad265c2e7c62d26dd64cc67b115f4b9bc9d9cdf0743d36e74294510579596b3803f4

  • SSDEEP

    768:ds+Vmz0XyboxDHdYGCyvMEcqXrgT8Rv7EolgG18HBTPOlRwoCK/1DLBNOoFYYauT:6+kICwDyGjrgclPYBjOlRrzFyM

Malware Config

Extracted

Family

mirai

C2

193.84.71.119

89.190.156.145

Targets

    • Target

      d683ac0fa9513e0a7f14ef083e3c49a7816f1cfd5ad61919dc37f7e45d57c866.elf

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads process memory

      Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
