General

  • Target

    ea32efb911185778be600ecedbe2ddbb.bin

  • Size

    41KB

  • Sample

    250103-b6sl6strcy

  • MD5

    14fcdf46009500263e61ed33e69f3194

  • SHA1

    ea1f7cc035a7fd4f85a3ff10b2506b507f20c17e

  • SHA256

    a940f2d25198c7fdb21404f0d55a5c0e6a7dec18f9e9f20802b4e5b1e57089d1

  • SHA512

    d638a6bd91239a55ea926cc201a201871ea6ec0acf22a016492e2eceb9512d4ab0e54a3ab91d84829cec9efff394bdc1ba5bb5a36f4f8af31bd3250146698e30

  • SSDEEP

    768:fsLGqcRBrKU/uhcs90kQMAG4HBrHTk84T1IDUolWZG1QePzqFKb7SJNVkW5k4fnV:fyPcDK+qAnBwT1GUol0G1QMz5bkVrkSV

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      e1245fe7825242a19c87b04b3bb3c4d20c8562df664a881508b4268309108251.elf

    • Size

      106KB

    • MD5

      ea32efb911185778be600ecedbe2ddbb

    • SHA1

      8c73f43408256526beba33215be7845798b63910

    • SHA256

      e1245fe7825242a19c87b04b3bb3c4d20c8562df664a881508b4268309108251

    • SHA512

      a12f54044e22298d96310560186e517041a338ba4719a038ec48cc2bbc6ca34166a774534d6cdb5019213528c7016d8df63b650a108d0197692fafcc3638901c

    • SSDEEP

      1536:iAX2gnezXPlAGhpwC4S9P2uI+yXVJZPTnZSu3aCwmj9+:ia2gnezXPllh0lJlTnOE9

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes journal logs

      Deletes systemd journal logs. Likely to evade detection.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies systemd

      Adds/modifies systemd service files. Likely to achieve persistence.
