General
-
Target
4bccd6464611aab4a804bc9a9c03b7670a0b7978422eb8178e23b408155003d4.elf
-
Size
79KB
-
Sample
250107-cp91kayra1
-
MD5
2320b08c36f0f883e99f2b2e0cc4190d
-
SHA1
14c4a26918a8cf7042952baf8706cdd223b17d20
-
SHA256
4bccd6464611aab4a804bc9a9c03b7670a0b7978422eb8178e23b408155003d4
-
SHA512
47470bc7341fb593ee7ba385ad9422c07b938143bb0b15beb7fdac8da97e7b51beef63da7176111ad89610f8ad9e67382db2739f28da70d4279523a964d38261
-
SSDEEP
1536:jEZ7dF3Nw8V/OjhJgpZqLKfFVE5/Q62wnR6eeiTzrcL1RPSnReS4ESw3SVH:jUdRa8VQHgp9FVF62wdXTza1RPS8S4K+
Behavioral task
behavioral1
Sample
4bccd6464611aab4a804bc9a9c03b7670a0b7978422eb8178e23b408155003d4.elf
Resource
ubuntu2204-amd64-20240611-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
Target
4bccd6464611aab4a804bc9a9c03b7670a0b7978422eb8178e23b408155003d4.elf
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1