General

  • Target

    da92f6710490cc3ec4dbb563662eed4d.elf

  • Size

    24KB

  • Sample

    230514-c9aq7sad86

  • MD5

    da92f6710490cc3ec4dbb563662eed4d

  • SHA1

    81cf4b05d0f6d694194f6538733234588159a23f

  • SHA256

    8105409cf71f6ebe339fdd144bcdfc5d1db11016bbb1841b7a322118d92b36b4

  • SHA512

    4df5b13b6bbcfe8f03469e92c0ccb59eb54efc6398734e086dbcb8e581ac48a41edd5294a7d878ccd1925590e07337d75bd651cd7d337eae7f7e54545c320dcd

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpsZqSWv5:4QlS07FUXqIYSXQKquUqB

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      da92f6710490cc3ec4dbb563662eed4d.elf

    Score
    10/10
    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies the Watchdog daemon

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

MITRE ATT&CK Matrix ATT&CK v6

Persistence

  • Hijack Execution Flow (T1574): 1

Privilege Escalation

  • Hijack Execution Flow (T1574): 1

Defense Evasion

  • Impair Defenses (T1562): 1

  • Hijack Execution Flow (T1574): 1
