mirai | 7db4e436786b96ec67b004f2a758e2365dbc1900cd505d1a9aaa23b7e3ebe001 | Triage

Sharing

General

Target

10dea478986aae1c5ca52e5d9e6345bd.elf
Size

24KB
Sample

230603-kmklwsgc23
MD5

10dea478986aae1c5ca52e5d9e6345bd
SHA1

7b2fd5081048a9e8fc7bfea79560ea707b9fc518
SHA256

7db4e436786b96ec67b004f2a758e2365dbc1900cd505d1a9aaa23b7e3ebe001
SHA512

e15eea0c2dcd3b7c60105ac526b03284a0b07702c85210e67f85f0dcc29b50aee12d2efdf88c854bf9556fed6ceb53046a124dd377c47c10ff8207d69db47273
SSDEEP

768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpeEZqSWv3:4QlS07FUXqIYSXQKque8q/

Score

10^/10

mirai lzrd botnet upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  10dea478986aae1c5ca52e5d9e6345bd.elf
- Size
  
  24KB
- MD5
  
  10dea478986aae1c5ca52e5d9e6345bd
- SHA1
  
  7b2fd5081048a9e8fc7bfea79560ea707b9fc518
- SHA256
  
  7db4e436786b96ec67b004f2a758e2365dbc1900cd505d1a9aaa23b7e3ebe001
- SHA512
  
  e15eea0c2dcd3b7c60105ac526b03284a0b07702c85210e67f85f0dcc29b50aee12d2efdf88c854bf9556fed6ceb53046a124dd377c47c10ff8207d69db47273
- SSDEEP
  
  768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpeEZqSWv3:4QlS07FUXqIYSXQKque8q/
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet