General

  • Target

    zmap.mips.elf

  • Size

    94KB

  • Sample

    241216-td9zvsvjcs

  • MD5

    8ae4ac18a3b34fba963f59a42ff02fb7

  • SHA1

    e9f75cf21972b2c953163d64d3cb89bd6a93cc1b

  • SHA256

    c485a846f4b7c5d410762291758175ca0775ca919da52ef05047f3000045020a

  • SHA512

    af6a9fb41fc94fdb3c1448e2477190f403b14eca2502e93c1ab6a1c8cf0eaada47dedd81df94f15bc6efa8ae29d68f3a6368c67283514c88f3f8e28519bf6bb0

  • SSDEEP

    1536:mF4tsbv54o+3bPhXhWxZJlwYdPAL+fyecpeo6XNLty:mF4tsr54o+rPhkxlwYdoL+fyecIXNLY

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    UNSTABLE

Targets

    • Target

      zmap.mips.elf

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder
