Extracted

• • Target

    ae57550d71ebf3957a2221f0b9cf58cfe8a119ef8f8ca4ab4c839aa3b3424867.elf

  • Size

    83KB

  • MD5

    8c6e6dc4f224e20117ff59bdf8fe79bf

  • SHA1

    9dc4b87c2a0762e8aa969c4ef6ebd52c52a4a5eb

  • SHA256

    ae57550d71ebf3957a2221f0b9cf58cfe8a119ef8f8ca4ab4c839aa3b3424867

  • SHA512

    519b7a62010b422135077c7900b3590a381d701c789ff9c4ad45d091ec1b657d29d61fb2037f4a5113a63e2b05fb3bad25e61d136dd54a4347059c6f5dab299e

  • SSDEEP

    1536:GTqRR2Rm+KCVWMLN3kHEIbAjp6gaDMQc1DI1MwUwl4jz1uhOTo8DBDYTIIM:62Rgm+H1LN27bAFNagQc1s2wUwo1uhOH

  Score

  10^/10

  miraiunstablebotnetdefense_evasiondiscoveryexecutionpersistenceprivilege_escalation

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai

  • Mirai family

    mirai

  • File and Directory Permissions Modification

    Adversaries may modify file or directory permissions to evade defenses.

    defense_evasion

  • Executes dropped EXE

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    executionpersistenceprivilege_escalation

  • Creates/modifies environment variables

    Creating/modifying environment variables is a common persistence mechanism.

    persistenceprivilege_escalationdefense_evasion

  • Modifies init.d

    Adds/modifies system service, likely for persistence.

    persistence

  • Modifies rc script

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence

  • Modifies systemd

    Adds/ modifies systemd service files. Likely to achieve persistence.

    persistenceprivilege_escalation

  • Writes file to system bin folder

  • Modifies Bash startup script

    persistence
  behavioral1