mirai | 5c66b7ff62d284ad48bdc4564ba9d0a8f09b631656522f5706c87bbab9dbea2d | Triage

Sharing

General

Target

9a974cb60d9cdbe1ec2d80b624d13aff.elf
Size

24KB
Sample

230517-j15njsdc6w
MD5

9a974cb60d9cdbe1ec2d80b624d13aff
SHA1

ce8fcda8edafdcc7114a5b90a3b7506287e0e4b5
SHA256

5c66b7ff62d284ad48bdc4564ba9d0a8f09b631656522f5706c87bbab9dbea2d
SHA512

9b2ed5c2a7ab947bdb425962322a087b93910b83973e0162321c0956c4ebef7d5bb2ced51529c7706c1de30bca1230cce64062323d30a47c959f6f9b359a401e
SSDEEP

768:otrQlS07dEv0UXqUhvQE+CXQKMQKCXBpNEZqqWvS:iQlS07FUXqIYSXQKquN8qC

Score

10^/10

mirai lzrd botnet upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  9a974cb60d9cdbe1ec2d80b624d13aff.elf
- Size
  
  24KB
- MD5
  
  9a974cb60d9cdbe1ec2d80b624d13aff
- SHA1
  
  ce8fcda8edafdcc7114a5b90a3b7506287e0e4b5
- SHA256
  
  5c66b7ff62d284ad48bdc4564ba9d0a8f09b631656522f5706c87bbab9dbea2d
- SHA512
  
  9b2ed5c2a7ab947bdb425962322a087b93910b83973e0162321c0956c4ebef7d5bb2ced51529c7706c1de30bca1230cce64062323d30a47c959f6f9b359a401e
- SSDEEP
  
  768:otrQlS07dEv0UXqUhvQE+CXQKMQKCXBpNEZqqWvS:iQlS07FUXqIYSXQKquN8qC
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet