General

  • Target

    b3d82450bc3b0dff755bf2022016e559be3f017f1c33cb209f1bf2dd5e14f7f1.elf

  • Size

    82KB

  • Sample

    241114-dgpv4atemj

  • MD5

    dac5a2738f200d0be4a8624b93afd6e7

  • SHA1

    19ae1d70b6ca2956f0b367d5beb1add5bc679051

  • SHA256

    b3d82450bc3b0dff755bf2022016e559be3f017f1c33cb209f1bf2dd5e14f7f1

  • SHA512

    9054db483a903d0ea8ac6955c8f224c56e6ea46ff6ca46d6b45b7890d558adda30df165bd34989a7ff7dd45bfdbd1003e1ca9071853dc4246a48c0f0ab292d5e

  • SSDEEP

    1536:oEj9cJYV7T6HWyMqo979YKsQgfbtYCCZfwtRzcA+/tqToc3moK:7pcC/yMV9eKs1+CCZfwtmAS8c

Malware Config

Extracted

  • Family

    mirai

  • C2

    89.190.156.145

Targets

    • Target

      b3d82450bc3b0dff755bf2022016e559be3f017f1c33cb209f1bf2dd5e14f7f1.elf

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Reads process memory

      Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
