General

  • Target

    f66071f9e603dd7b96793058e206b45c.bin

  • Size

    33KB

  • Sample

    241224-cdarbsyndn

  • MD5

    251138c55257ac244784137a86ea6071

  • SHA1

    1cf39d3741b2ae772dfaf2dd0731f40d607fba20

  • SHA256

    d91f21e8091b722fb5255ab4d835b269041f22266d45e3391fd0fc62b14c897a

  • SHA512

    497938d7908815b816b8ca3bad5884d3bf8350f1c862a2012eaa1a7849d7040a3757235ad2912c77045c2006d4df9d92a86cefec2481189da6627e8fe26d1eb1

  • SSDEEP

    768:uYfv572gjRKo42gKdIWfWhJlcVTRY3C/k14fD6MjoIAZYU:uYfv57e/KGWebmR/kGroIoYU

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Target

      8b8facc7fb2d6cd6f278ea77711c41970dcdff8a367d2d04a2221fd4286ffb45.elf

    • Size

      34KB

    • MD5

      f66071f9e603dd7b96793058e206b45c

    • SHA1

      f90eaf59e5a2c5030450de5b1f12a72a8ec8f256

    • SHA256

      8b8facc7fb2d6cd6f278ea77711c41970dcdff8a367d2d04a2221fd4286ffb45

    • SHA512

      d5d307f49f255d8f2e36027cdb5b0b7171f83d99147fb1d074bdb64f4c65fa19a7af2556508e0a317a9a4e0df5bd005b5d1b3396282647d9672b12d916d3fc88

    • SSDEEP

      768:LzbGjwng3vdOhxV/Whew0IAls1SeGhRLN1Hv8s8xfp8AbanbcuyD7UHQRjj:fdnAzhe3rs2hRLbHv81tvanouy8Hyv

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
