mirai | 445839aefa1051bea0ea450970e1764a80315c5e9be01875d9629e70dc7e841d | Triage

Submit
Reports

Overview

overview

Static

static

7

d594110268...a7.elf

debian-9-mipsel

Sharing

General

Target

d594110268d10e2132dc62aebeb30da7.elf
Size

28KB
Sample

230519-yjnq2afg84
MD5

d594110268d10e2132dc62aebeb30da7
SHA1

005ae99ab6fea731acdcc3da700b966a435db2f8
SHA256

445839aefa1051bea0ea450970e1764a80315c5e9be01875d9629e70dc7e841d
SHA512

93978b3c87bf21ef0cd54172c4cf4cc0b94848f4bf9277d4e6ca63528937d6fba17ff79e02089ba01932d6c4435704480b63e493f2fc47d691aa0138959c2780
SSDEEP

768:zy5RtZxop0GqSeXU9TBSfgz7yjY8zsgNcWL:u7ZxoCGHu+BSoKjZT5

Score

10^/10

mirai lzrd botnet discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d594110268d10e2132dc62aebeb30da7.elf

Resource

debian9-mipsel-20221111-en

mirai lzrd botnet discovery

debian-9-mipsel

5 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  d594110268d10e2132dc62aebeb30da7.elf
- Size
  
  28KB
- MD5
  
  d594110268d10e2132dc62aebeb30da7
- SHA1
  
  005ae99ab6fea731acdcc3da700b966a435db2f8
- SHA256
  
  445839aefa1051bea0ea450970e1764a80315c5e9be01875d9629e70dc7e841d
- SHA512
  
  93978b3c87bf21ef0cd54172c4cf4cc0b94848f4bf9277d4e6ca63528937d6fba17ff79e02089ba01932d6c4435704480b63e493f2fc47d691aa0138959c2780
- SSDEEP
  
  768:zy5RtZxop0GqSeXU9TBSfgz7yjY8zsgNcWL:u7ZxoCGHu+BSoKjZT5
Score

10^/10

mirai lzrd botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20481) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdiscovery

© 2018-2024

Terms | Privacy