mirai | 80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f | Triage

Sharing

General

Target

80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
Size

89KB
Sample

221130-xbdqesec85
MD5

55fb6c954759c5b1e7f6954dd7f3764a
SHA1

c26b89acef874d38036231316526a9857209dfea
SHA256

80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
SHA512

2462a0c3033fffc8ec0bde9e671e409b6277ec7e38a200561ec8379b8a3b198166b59bc2da232549f7dd0f73590d31a0c8bbd8706e8353bad54c042ca7aa7a98
SSDEEP

1536:4YRS2cWY6f6utWSVSDYFMMwqZ9adsR0vf7y9vnk5zlf/A4mqvrrb93K2M:1I2cWRyutWCSDU9aE0Hm9Azlf/A4mOrW

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
- Size
  
  89KB
- MD5
  
  55fb6c954759c5b1e7f6954dd7f3764a
- SHA1
  
  c26b89acef874d38036231316526a9857209dfea
- SHA256
  
  80277a6c7afa194f398ee67d3523bda199af5478d79fa7229494ba2b64250a5f
- SHA512
  
  2462a0c3033fffc8ec0bde9e671e409b6277ec7e38a200561ec8379b8a3b198166b59bc2da232549f7dd0f73590d31a0c8bbd8706e8353bad54c042ca7aa7a98
- SSDEEP
  
  1536:4YRS2cWY6f6utWSVSDYFMMwqZ9adsR0vf7y9vnk5zlf/A4mqvrrb93K2M:1I2cWRyutWCSDU9aE0Hm9Azlf/A4mOrW
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1