General

  • Target

    Satan.x86_64.elf

  • Size

    36KB

  • Sample

    241120-2tdklavpa1

  • MD5

    e4df8be7344cd39e0a8e908adbe23cd4

  • SHA1

    0a3fa93b2ef3b28f3bdbd9b5b7774d85205d6d86

  • SHA256

    c765671d83adf38b777ecf372154f3b6cb163a429ab97256b91bb17f7600fcc8

  • SHA512

    c76d538d2a6a5ffbde826f2f6265bbd2580d3843bc72c7064b106ddb5e181e3cb57b60578bf0ec9b24c45aee42d94dbd9ed3145d5035439090c743ec0388691d

  • SSDEEP

    768:G+4qtvWUAASjjLMGz7/tjBQd4Mt8nEPH3GgurUEUe5Wx0T:19tvWrASjjL17/9BODtoPgurlU9S

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      Satan.x86_64.elf

    • Size

      36KB

    • MD5

      e4df8be7344cd39e0a8e908adbe23cd4

    • SHA1

      0a3fa93b2ef3b28f3bdbd9b5b7774d85205d6d86

    • SHA256

      c765671d83adf38b777ecf372154f3b6cb163a429ab97256b91bb17f7600fcc8

    • SHA512

      c76d538d2a6a5ffbde826f2f6265bbd2580d3843bc72c7064b106ddb5e181e3cb57b60578bf0ec9b24c45aee42d94dbd9ed3145d5035439090c743ec0388691d

    • SSDEEP

      768:G+4qtvWUAASjjLMGz7/tjBQd4Mt8nEPH3GgurUEUe5Wx0T:19tvWrASjjL17/9BODtoPgurlU9S

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks