General

  • Target

    724b0edb0cc682a6915e73732dfe76d2.bin

  • Size

    36KB

  • Sample

    241224-btdmgsxpfs

  • MD5

    798e44b8e1c8e5d4ca7de29675bb308c

  • SHA1

    809588fabfd6a883cd849a5e74b2071b13b5a87b

  • SHA256

    c2621d8d5d9092e6537709a77be0b573ab1bd1b5517c7f4ef25f5134635ff974

  • SHA512

    a4da6f6994f9dd639a1a84c374a61bfda5f57cdc88d75762031e52e4a75bcee7c914cd43bd84b9afd1f10b4bbaeca004a35d4b33a1b4d3a227624c353dc9d6c9

  • SSDEEP

    768:XMq3Br71xtDZHJwrFXibUWdOQ4oPhRcecAasak6TWgLMLq9:X9pFFIXihkiRt1Gz1

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      d6461422ccda6e83050c467ce61a68ad74df816ebcc71eaf8e6a44f2f63164aa.elf

    • Size

      37KB

    • MD5

      724b0edb0cc682a6915e73732dfe76d2

    • SHA1

      2c89c8aa80714af7b32a9ff6d496d15f1a853be0

    • SHA256

      d6461422ccda6e83050c467ce61a68ad74df816ebcc71eaf8e6a44f2f63164aa

    • SHA512

      112293be1c83445d5f8b4a8e894d324de050d852361f8663a5e00f522b494b0a206ef86030909e60cef7550c22034c6019885ef241b7f758959cb6838d085cf1

    • SSDEEP

      768:0hpGLq2YEQh5q10MxYWt/y/1tgPUcDpTC8tGoUBrWt:kpD2Ynjq10Qt/U89JUW

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
