General

  • Target

    709688d14dc5e37f59b77357e6cbb3e1.elf

  • Size

    24KB

  • Sample

    230514-pjba9seb7x

  • MD5

    709688d14dc5e37f59b77357e6cbb3e1

  • SHA1

    6b564861a54870ed8a08e52d30591a4698266d3f

  • SHA256

    b534654252304b2779b2fe5b87559bc1fd05c8d9646a280b1890a957d8aba464

  • SHA512

    5932dd01ce26b6a154b2c685d1a1f05e942ab4d96d2dea45ba8d5067ae2d1d6aa15170a328b2623b5debb4205658acd9b2d46778e984294d9092e44a08b8500c

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpdZqSWvO:4QlS07FUXqIYSXQKqujqm

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      709688d14dc5e37f59b77357e6cbb3e1.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies the Watchdog daemon

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Hijack Execution Flow

1
T1574

Privilege Escalation

Hijack Execution Flow

1
T1574

Defense Evasion

Impair Defenses

1
T1562

Hijack Execution Flow

1
T1574
