General

  • Target

    xd.arm7.elf

  • Size

    52KB

  • Sample

    250115-r6fklswjbv

  • MD5

    73c8f6d42082dd2bfb599fe5bfe9295c

  • SHA1

    7f3a552246c9f709715985fec24cf6955b1998b2

  • SHA256

    95990a559d7dced77b2886a15f381d5bbb1e28b87a7508884e48392cac956dc8

  • SHA512

    7e40381c11327736d0e62d73056e4df592c6f928dacae7e4b25fc1cd95a2823040ed62122ae925ba11f621412920fc44761f05bdbe3cfb94c0c23c98f69de2d7

  • SSDEEP

    768:AAWkn5pJ7ZgXHMsJ6hlD9T8c3QiOFz5/GkFh3looKS9q3UELSOs8qMLPVhujATBH:Asn5pJ7ZWZu9TbQzGkFFb+LvV+osi

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Contacts a large (19698) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
