General

  • Target

    5c26d99fcb4734a9fa1e742d0a2b79de476ad150afd2ab87212766a458eb3475.elf

  • Size

    36KB

  • Sample

    241223-clrd2strdr

  • MD5

    3c733927caaa196b216421abb32e2632

  • SHA1

    0c2443725d846b98d0f43fd04d914fc9f0848595

  • SHA256

    5c26d99fcb4734a9fa1e742d0a2b79de476ad150afd2ab87212766a458eb3475

  • SHA512

    531651740555a3e4291b9de2a326a4dc5e69088e64264827f1a1f32be8882db930f183e8a145967e8d0976119e3e3d21ff95b9fdd80f3a20b63b801b3d790f08

  • SSDEEP

    768:Wkjvsa/voIrhf79v0ewoZ6SbFGx3aSbYwVmUx0nZB:NzHzJyKZ6Scx3a0Y2MZB

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      5c26d99fcb4734a9fa1e742d0a2b79de476ad150afd2ab87212766a458eb3475.elf

    • Size

      36KB

    • MD5

      3c733927caaa196b216421abb32e2632

    • SHA1

      0c2443725d846b98d0f43fd04d914fc9f0848595

    • SHA256

      5c26d99fcb4734a9fa1e742d0a2b79de476ad150afd2ab87212766a458eb3475

    • SHA512

      531651740555a3e4291b9de2a326a4dc5e69088e64264827f1a1f32be8882db930f183e8a145967e8d0976119e3e3d21ff95b9fdd80f3a20b63b801b3d790f08

    • SSDEEP

      768:Wkjvsa/voIrhf79v0ewoZ6SbFGx3aSbYwVmUx0nZB:NzHzJyKZ6Scx3a0Y2MZB

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks