General

  • Target

    ub8ehJSePAfc9FYqZIT6.x86.elf

  • Size

    37KB

  • Sample

    241223-avlttasphk

  • MD5

    fc32f8a67d1b0590d25d38c2614d72d9

  • SHA1

    be2059efd5d4fcd999672caa7970019eb160bf13

  • SHA256

    1bd4414e839b5d0be6d814d0d3daae5f64df063fb87865d32fbe815e02d587fa

  • SHA512

    b99e74e7b031a5f21b1fece80c6976718a33efb3da3c13949fa8053f1e47970f335766a4376f33edff2dfaf79b144669ef28387dc73e9ff34cb77c94b47b9047

  • SSDEEP

    768:dxaYe0syQ8V3uZJYDR+AGJyQlYuOwqakXzEp3Lj7CGyNGQG12nbcuyD7UrQRjJ:CYgBe3uZgR+zZiw807j7CGb2nouy8ryd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      ub8ehJSePAfc9FYqZIT6.x86.elf

    • Size

      37KB

    • MD5

      fc32f8a67d1b0590d25d38c2614d72d9

    • SHA1

      be2059efd5d4fcd999672caa7970019eb160bf13

    • SHA256

      1bd4414e839b5d0be6d814d0d3daae5f64df063fb87865d32fbe815e02d587fa

    • SHA512

      b99e74e7b031a5f21b1fece80c6976718a33efb3da3c13949fa8053f1e47970f335766a4376f33edff2dfaf79b144669ef28387dc73e9ff34cb77c94b47b9047

    • SSDEEP

      768:dxaYe0syQ8V3uZJYDR+AGJyQlYuOwqakXzEp3Lj7CGyNGQG12nbcuyD7UrQRjJ:CYgBe3uZgR+zZiw807j7CGb2nouy8ryd

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks