General

  • Target

    10dea478986aae1c5ca52e5d9e6345bd.elf

  • Size

    24KB

  • Sample

    230603-kmklwsgc23

  • MD5

    10dea478986aae1c5ca52e5d9e6345bd

  • SHA1

    7b2fd5081048a9e8fc7bfea79560ea707b9fc518

  • SHA256

    7db4e436786b96ec67b004f2a758e2365dbc1900cd505d1a9aaa23b7e3ebe001

  • SHA512

    e15eea0c2dcd3b7c60105ac526b03284a0b07702c85210e67f85f0dcc29b50aee12d2efdf88c854bf9556fed6ceb53046a124dd377c47c10ff8207d69db47273

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpeEZqSWv3:4QlS07FUXqIYSXQKque8q/

Score
10/10

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Target

      10dea478986aae1c5ca52e5d9e6345bd.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Hijack Execution Flow (T1574): 1

  • Privilege Escalation

    Hijack Execution Flow (T1574): 1

  • Defense Evasion

    Impair Defenses (T1562): 1

    Hijack Execution Flow (T1574): 1
