mirai | b8577da827f10dbe3909cae50c0465268ae5aeed89a20271d50095ba9c021341 | Triage

Submit
Reports

Overview

overview

Static

static

7

58c4112fb9...f8.elf

debian-9-armhf

Sharing

General

Target

58c4112fb9ddff90e381763d258927f8.elf
Size

45KB
Sample

230525-1tw69sdc2y
MD5

58c4112fb9ddff90e381763d258927f8
SHA1

9375a20b2f6d9c23b8eec6b5493d8c17d91533d8
SHA256

b8577da827f10dbe3909cae50c0465268ae5aeed89a20271d50095ba9c021341
SHA512

20a83fcf0f849c496d4ce0652e2584fd37a123701449a02d166b678e729b015677151112dd707d5669f20994d86e0298adb02a510bc70e15a927e78b6efa8673
SSDEEP

768:D/TYCoIxdEk+AxoTZAZHFeq8b32d9q3UELbUXfi6nVMQHI4vcGpvp:DECFd+A6YHAxrLRQZp

Score

10^/10

mirai lzrd botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

58c4112fb9ddff90e381763d258927f8.elf

Resource

debian9-armhf-20221125-en

mirai lzrd botnet

debian-9-armhf

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  58c4112fb9ddff90e381763d258927f8.elf
- Size
  
  45KB
- MD5
  
  58c4112fb9ddff90e381763d258927f8
- SHA1
  
  9375a20b2f6d9c23b8eec6b5493d8c17d91533d8
- SHA256
  
  b8577da827f10dbe3909cae50c0465268ae5aeed89a20271d50095ba9c021341
- SHA512
  
  20a83fcf0f849c496d4ce0652e2584fd37a123701449a02d166b678e729b015677151112dd707d5669f20994d86e0298adb02a510bc70e15a927e78b6efa8673
- SSDEEP
  
  768:D/TYCoIxdEk+AxoTZAZHFeq8b32d9q3UELbUXfi6nVMQHI4vcGpvp:DECFd+A6YHAxrLRQZp
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet

© 2018-2024

Terms | Privacy