General

  • Target

    0529d0ee6e10606cc2e74cd34245c35b1db7df1c31ea034e7086a28dc9450c0d.elf

  • Size

    45KB

  • Sample

    241119-chzk9azcrl

  • MD5

    db67c952830b8b1f6ae914a1ff879a25

  • SHA1

    9273ff3fff169e1a33b6e5c97565ddacc27cb0f0

  • SHA256

    0529d0ee6e10606cc2e74cd34245c35b1db7df1c31ea034e7086a28dc9450c0d

  • SHA512

    03a217e0a84fa4e5d2a274bdf66bf555280c91a27c1ef5722ff6a8e9ba31bac26043cc08c2ac2350c9c7ee0767ca66dcfd589e2bedba8475394ad72a755e13d2

  • SSDEEP

    768:D/TYCoIxdEk+AxoTZAZHFeq8b3B9q3UELbUXfi6nVMQHI4vcGpvA:DECFd+A6YHAx0LRQZA

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      0529d0ee6e10606cc2e74cd34245c35b1db7df1c31ea034e7086a28dc9450c0d.elf

    • Size

      45KB

    • MD5

      db67c952830b8b1f6ae914a1ff879a25

    • SHA1

      9273ff3fff169e1a33b6e5c97565ddacc27cb0f0

    • SHA256

      0529d0ee6e10606cc2e74cd34245c35b1db7df1c31ea034e7086a28dc9450c0d

    • SHA512

      03a217e0a84fa4e5d2a274bdf66bf555280c91a27c1ef5722ff6a8e9ba31bac26043cc08c2ac2350c9c7ee0767ca66dcfd589e2bedba8475394ad72a755e13d2

    • SSDEEP

      768:D/TYCoIxdEk+AxoTZAZHFeq8b3B9q3UELbUXfi6nVMQHI4vcGpvA:DECFd+A6YHAx0LRQZA

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks