General

  • Target

    a51984808c733ab96f33c55556c6d58ff7673484ee0397d0e12991d3193bc250.elf

  • Size

    60KB

  • Sample

    241114-ddmxbstdrj

  • MD5

    f7b11e054547f677dca9fa8913f955bc

  • SHA1

    52933ef132e1f2f0b0bfce5b4cd95e4ea4530d76

  • SHA256

    a51984808c733ab96f33c55556c6d58ff7673484ee0397d0e12991d3193bc250

  • SHA512

    a1d10215c8f552622fa0a082b7278e953b7796d72eef16d41e6613f26c105c1a6931f4abcc0954a5129c0506bb32f090c3d7592e831f7e179dd70e22d1c4eff6

  • SSDEEP

    768:SVti3685jhEYETNSWkmB9KYdJ0OuwYfPMx/18HDT3Y1joor6dH4WBNOBFY3T60PW:Ytm1RERtVJ0dzMhYD7Y1j/vFmI

Malware Config

Extracted

Family

mirai

C2

193.84.71.119

89.190.156.145

Targets

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads process memory

      Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.

MITRE ATT&CK Enterprise v15
