General

  • Target

    i586.elf

  • Size

    69KB

  • Sample

    250106-3fjecsvmdp

  • MD5

    2d0bd765ed70648d44343839f6927c45

  • SHA1

    9348135e9d1e451b6b0b45b1017c5c6e29900a43

  • SHA256

    cbf5056d52a2ae8703611527edd723b72dcfa0ea3c7576c09f728f379d124220

  • SHA512

    f82ebd3fbda4d6ed0ae6baa9c317fcb0f5f8b7738c139972a7a8d4760349e610db5977c0172d9fd595beac0a9e26e088b259c4a395ca8985b13ce5cf451c0890

  • SSDEEP

    1536:yPQsRePYB4WZhMXaH96kYVBKBoj1d21vlOmNtW:yPtMPYB4WZhMXoYmBoZdedPA

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      i586.elf

    • Deletes itself

    • Deletes journal logs

      Deletes systemd journal logs. Likely to evade detection.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies systemd

      Adds/modifies systemd service files. Likely to achieve persistence.
