General

  • Target

    bf083f4182e1facde7503bd0465b0799e00cadfa75d0bd814923b852b579fb27.elf

  • Size

    83KB

  • Sample

    241114-dj676asqgs

  • MD5

    65ec3622fad64e105be37074e0de80f8

  • SHA1

    f67282e79340355827e9ab48ccec6925ce8e541a

  • SHA256

    bf083f4182e1facde7503bd0465b0799e00cadfa75d0bd814923b852b579fb27

  • SHA512

    f379b3566206b79ef33e25246706c2b416d25b4786083d60b475184f00b43f5ab4938a9586d6e13e13a792d2058dad8dd440c49f717b7e206f7747cb37127acb

  • SSDEEP

    1536:nr8UDMzyFBeayuyMTyl9WsQK/In8G236kZbtuVRi:r8UDMzyFwayuyIylYA6km

Malware Config

Extracted

Family

mirai

C2

89.190.156.145

Targets

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads process memory

      Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
