General

  • Target

    923e062add0e0cddb1e650f53680b100.bin

  • Size

    22KB

  • Sample

    241217-bx8xssxkdk

  • MD5

    f9b68fc44355cdb1f1a8c5e0280fe2a3

  • SHA1

    202f58d8834f434ce49121a4dc794fd4e2907d3d

  • SHA256

    14ce06bda3723056f53dd4dd64cabf1fbd2b3a48ccb3335f1dab88726f2547dd

  • SHA512

    b72d02091000794918a172913714902e93b590d21d6beba3da6875f8da67ee7bb115b7f64700f31f20354794085b92684c10a825dc4620c7f8348e76c096056e

  • SSDEEP

    384:7+PwxAxzivWz0RJSAi4XYlAWDShyl1Qwt1JUpuEaCSfw5AuZ544pib45l8azXQif:64xAxz3KXYfTGoEkfw5hZ53CIf

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      215af14d531524b2625842b3c5e53194eca55e8b072553ace83bc7ecf4feac33.elf

    • Size

      23KB

    • MD5

      923e062add0e0cddb1e650f53680b100

    • SHA1

      15990f11a27c06d106f8b5566f932de669ca682f

    • SHA256

      215af14d531524b2625842b3c5e53194eca55e8b072553ace83bc7ecf4feac33

    • SHA512

      13453fed6f9fa9ae72e6a3af4b51f60107ce3f5155f3b1dbc3e23cc2b185b1692546f347fe9d43a12c55b7bdf8f9df9d389e8e3973fc8b79dc9a01f4e5a65397

    • SSDEEP

      384:teD8ZSH2LLZUYyGZbsOiT/5qZB4FQdhL8d/QQ3m6xcJyumdrJgGlzDpH7uNj1JA4:teD8ZSWvZHZbs1/k0M8d/QA0yuirJgGC

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder

Tasks