General

  • Target

    413cddb4fca3a1e8f1fb2ac5ebcd161a85cda41861415f91a9c5e7f116732b70.elf

  • Size

    35KB

  • Sample

    241217-c2fbqaynbm

  • MD5

    9ce6f655eedca1fd7af2e93dc59adb6c

  • SHA1

    ed523f4251d1dc3d202f3bf338543acf4b4edb50

  • SHA256

    413cddb4fca3a1e8f1fb2ac5ebcd161a85cda41861415f91a9c5e7f116732b70

  • SHA512

    a19fcb4690c88e560300abf678a0628a80dee48b1b450e712189e2caa62fa39ab18f932acd45d94daff2678ec2d3d6fd0be3852f006c8b09f354ce16d6bb6937

  • SSDEEP

    768:qQKd4TIv86wHqEGBFePMdayb0zDWX5pq2sJbBi9s3UozD:qQKSIbtYMHaDy5p/sZBiAzD

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      413cddb4fca3a1e8f1fb2ac5ebcd161a85cda41861415f91a9c5e7f116732b70.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
