General

  • Target

    ca95eab493cfc9b9bed940c9a28a1b26.bin

  • Size

    20KB

  • Sample

    241217-b6pkhswpev

  • MD5

    d9bbd9523e9a04ab16b0c00917285c6e

  • SHA1

    9e5f3f9e122bb974bf690f568b2d81b3bacdaab2

  • SHA256

    fe75422e5447946aa2dbe24fe7044b8eac330cd1b3c88b3ba6951b86093b05c3

  • SHA512

    ed72744325941dc8a773c780c2ecfc3c1a8a2e9be0949094c3ba8a49b4dd2c2080dda3dfb09d386d89e9660071ad741bd5583cf5939118aab9ed8e1ca3a05a34

  • SSDEEP

    384:lJ/J0/vYOBwmugXS7KiBUR+Fcx07PZOhd4ZRK5+tVL1NzbBLsKMC8t2/UE:lJR0HYOBpW7BWR+mx09Ob4WcrHz9Ls7M

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      0439117b36cccec92a1ff3ec8bb5f36f65b42a8c2a323e38fea98c4b6c572923.elf

    • Size

      20KB

    • MD5

      ca95eab493cfc9b9bed940c9a28a1b26

    • SHA1

      54ac919ada2b946bf6d8e4766cdadfb5206b518e

    • SHA256

      0439117b36cccec92a1ff3ec8bb5f36f65b42a8c2a323e38fea98c4b6c572923

    • SHA512

      56261bb12c76257c1b2162de8b8ffdf4e2a8efefccde8703ab1ac2ebb1a0363e120d2ead06c83b6c8faff011fdde7a06b2cdb95297f02f2f8e68a17163209ea7

    • SSDEEP

      384:MgWLpj8s/qPui8uZxoIA57RWQjJiEVi+Zkqafc1oj5CWRfINhCjTn6Epl9zpdI83:O98o08kxofBE+ZkqNxWRogTn6Ep3lTz

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
