mirai | 8993a58cf9e8c1a5e21f49d6b233fc805c11550e960c536ced07efd3a1a720f1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

boatnet.x86.elf
Size

20KB
Sample

230610-qlmyhsff9w
MD5

60aa969ee68f4dd95662c75a7e01533f
SHA1

6f389a961a860ee0b719dddc865ecf030fa0ca40
SHA256

8993a58cf9e8c1a5e21f49d6b233fc805c11550e960c536ced07efd3a1a720f1
SHA512

e85443accbbfddd40556e0b7fa9dbc789c5471af5714daa097f99ce319b489063c101f5eca22908798a7c01ff8a3128c0d6d7d77e90eb7857b3b5351f6334941
SSDEEP

384:Mg9Lpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXaQNAr8vcoBAvP+qNV+KLebRtSaO73:798o08kxofBE+ZkXaT47C2EpitMBJ

Score

10^/10

mirai lzrd botnet linux upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  boatnet.x86.elf
- Size
  
  20KB
- MD5
  
  60aa969ee68f4dd95662c75a7e01533f
- SHA1
  
  6f389a961a860ee0b719dddc865ecf030fa0ca40
- SHA256
  
  8993a58cf9e8c1a5e21f49d6b233fc805c11550e960c536ced07efd3a1a720f1
- SHA512
  
  e85443accbbfddd40556e0b7fa9dbc789c5471af5714daa097f99ce319b489063c101f5eca22908798a7c01ff8a3128c0d6d7d77e90eb7857b3b5351f6334941
- SSDEEP
  
  384:Mg9Lpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXaQNAr8vcoBAvP+qNV+KLebRtSaO73:798o08kxofBE+ZkXaT47C2EpitMBJ
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet