mirai | 0c66077d1f6f335b3e928f0506ab8f068de1987a292dbd2d5495cfb46de44a36 | Triage

Submit
Reports

Overview

overview

Static

static

7

a51b8b6661...dd.elf

debian-9-mips

Sharing

General

Target

a51b8b6661b6ea7d339a66c1100e6bdd.elf
Size

27KB
Sample

230519-xlbzksfd58
MD5

a51b8b6661b6ea7d339a66c1100e6bdd
SHA1

956730e264347a610f969e81836322426c8ccf4b
SHA256

0c66077d1f6f335b3e928f0506ab8f068de1987a292dbd2d5495cfb46de44a36
SHA512

1c97f630cc58756183856ed67582415ee9ba0ef767c7b27a1552bdb4434e9a03a3310527ff6100456b25ee463b0ef1075daa9b3bbfb7c43673fa35700a6fbf19
SSDEEP

768:G8bEL70kbgfQkRI7fBCwi8YGikJgGlzDpbuR1Jt:GN70kbmQ/fB24lVJuT

Score

10^/10

mirai lzrd botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a51b8b6661b6ea7d339a66c1100e6bdd.elf

Resource

debian9-mipsbe-en-20211208

mirai lzrd botnet discovery

debian-9-mips

5 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  a51b8b6661b6ea7d339a66c1100e6bdd.elf
- Size
  
  27KB
- MD5
  
  a51b8b6661b6ea7d339a66c1100e6bdd
- SHA1
  
  956730e264347a610f969e81836322426c8ccf4b
- SHA256
  
  0c66077d1f6f335b3e928f0506ab8f068de1987a292dbd2d5495cfb46de44a36
- SHA512
  
  1c97f630cc58756183856ed67582415ee9ba0ef767c7b27a1552bdb4434e9a03a3310527ff6100456b25ee463b0ef1075daa9b3bbfb7c43673fa35700a6fbf19
- SSDEEP
  
  768:G8bEL70kbgfQkRI7fBCwi8YGikJgGlzDpbuR1Jt:GN70kbmQ/fB24lVJuT
Score

10^/10

mirai lzrd botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20724) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdiscovery

© 2018-2024

Terms | Privacy