General

  • Target

    3c733927caaa196b216421abb32e2632.bin

  • Size

    35KB

  • Sample

    241224-bgzn7axnep

  • MD5

    2423b79916a5d581d9d36c649d1260e4

  • SHA1

    35471a8b078efc6dd057f9cbd7bb788c2d306be9

  • SHA256

    eaa3329c8a7638275ed33279485655538c875c91724e930bf21f576ac60a0d5f

  • SHA512

    2396f5c60f3366e512a038cb4996d99d026ce41200daa38eda09473d8684fcacdbcf662ebcb64f4b90fa0d457b86bbc5b324198eabcd6c28fdb20a56124dd08b

  • SSDEEP

    768:hXoppoJoWPFGZnhaiJqAlfKwSu6xXeQb3oQidG9g:hXoGPFGZha+qAlfxPueMg

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      5c26d99fcb4734a9fa1e742d0a2b79de476ad150afd2ab87212766a458eb3475.elf

    • Size

      36KB

    • MD5

      3c733927caaa196b216421abb32e2632

    • SHA1

      0c2443725d846b98d0f43fd04d914fc9f0848595

    • SHA256

      5c26d99fcb4734a9fa1e742d0a2b79de476ad150afd2ab87212766a458eb3475

    • SHA512

      531651740555a3e4291b9de2a326a4dc5e69088e64264827f1a1f32be8882db930f183e8a145967e8d0976119e3e3d21ff95b9fdd80f3a20b63b801b3d790f08

    • SSDEEP

      768:Wkjvsa/voIrhf79v0ewoZ6SbFGx3aSbYwVmUx0nZB:NzHzJyKZ6Scx3a0Y2MZB

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
