General

  • Target

    zmap.mpsl.elf

  • Size

    94KB

  • Sample

    241216-t66g5svqdy

  • MD5

    d81e9564b8b9d62d70bda936d927d875

  • SHA1

    42706a08b0545984ed5a5cfbdff3fe2ab62ca552

  • SHA256

    c14fead55aee69ec760fdba5f5371922595ad9df3c7201feb088f322043def0d

  • SHA512

    282a8641c62e67b1bde30e1bfbd991493c38155b6dfdb5406a80d69b7b710bfe27fdbe5571363c3f55e2fbb0a447db3789c5609493e24daef3260c2d87417886

  • SSDEEP

    1536:IIdgIHlIodXYtj7eLM/eNLNnCt2ZIzAFy4JZ1BV6I5W/Cd:IIdgIHlIo4mLNCt2ZPFbJrYKd

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

    • Target

      zmap.mpsl.elf

    Score
    7/10
    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder
