General

  • Target

    Space.x86_64.elf

  • Size

    36KB

  • Sample

    241216-jqd3va1mdz

  • MD5

    f9cdbd1b6359b49143356cf79ac094ab

  • SHA1

    e3679e2b4c1e536529aa0e59b25a2d51314d6fa4

  • SHA256

    821e40e9f4161f17ead134c4b3dd0c687176a3afa317ecf283bccb9d24dfee5f

  • SHA512

    43e08f3009b19180aeae6e8d92101fdc10cc039cf81c6f108ccf1348d0862eb9ae4533becc68b1d6d5f964cc70255c704a2a33b545ed36173d5e9e30d51dae20

  • SSDEEP

    768:nkjvsa/voIrDuWYZHmqtdE4lNlsqC9h0+oNYXlL+Bq+TaO9OsV723NZ4n38h7Ux6:uzHz5i5lbEDoNeCwCY43lMZv

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      Space.x86_64.elf

    • Size

      36KB

    • MD5

      f9cdbd1b6359b49143356cf79ac094ab

    • SHA1

      e3679e2b4c1e536529aa0e59b25a2d51314d6fa4

    • SHA256

      821e40e9f4161f17ead134c4b3dd0c687176a3afa317ecf283bccb9d24dfee5f

    • SHA512

      43e08f3009b19180aeae6e8d92101fdc10cc039cf81c6f108ccf1348d0862eb9ae4533becc68b1d6d5f964cc70255c704a2a33b545ed36173d5e9e30d51dae20

    • SSDEEP

      768:nkjvsa/voIrDuWYZHmqtdE4lNlsqC9h0+oNYXlL+Bq+TaO9OsV723NZ4n38h7Ux6:uzHz5i5lbEDoNeCwCY43lMZv

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks