General

  • Target

    8ed00afeb5f2ec81352c151e916f1d85.bin

  • Size

    29KB

  • Sample

    241217-bx1w7axkcn

  • MD5

    eec2982cfb70060d5d9446b558cec81f

  • SHA1

    d60d53a59b840091ee07ce155bf83648ee05db58

  • SHA256

    c48a5852e7d983333bb80c8d72afc1ab0f49cc57a17b6959d67c0bc6ba48de4c

  • SHA512

    8c3c1e794574f24453b1e6846f7aeee2977ca47463a5ac1a8f8d0eb3e19822e8600f1a6dacb68bf948121211c7af2286da85b683784ca13796efeedf83ab726b

  • SSDEEP

    768:bhZs37x3NGCtaK0bWj8VHqJAMyKZbQfedsnpDpT:9qYxJWAMFZbQfedcpT

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

    • Target

      44cc7a4e50c30c53b1152e042c5d8b1b28efedae967a4ac20ad308d71fb64b46.elf

    • Size

      57KB

    • MD5

      8ed00afeb5f2ec81352c151e916f1d85

    • SHA1

      6f658faa7463463c2b58d658e4bcdb02f8a02441

    • SHA256

      44cc7a4e50c30c53b1152e042c5d8b1b28efedae967a4ac20ad308d71fb64b46

    • SHA512

      3d9bf05cc729832eeb130de795813d50b1e0df7dc228a51e9e1a81f43bb3cf5c2ab31a3d20bea7b145dac0ceaab6ecf4885245b9b50db283cf737f2d022ca441

    • SSDEEP

      1536:0Znx4HVynObXFUOmVz1NzBQk8SRGJSlpa9p9l5vicj6v/pW:I4HV4mezbOknRGJSlpgBj6HpW

    • Contacts a large (699405) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

MITRE ATT&CK Enterprise v15

Tasks