mirai | 53b52e55b25dce93cbee661403d8599865a6f547b9c0dc384a208df92b94af6b | Triage

Sharing

General

Target

53b52e55b25dce93cbee661403d8599865a6f547b9c0dc384a208df92b94af6b_JC.elf
Size

45KB
Sample

230826-rv1reaba26
MD5

1484e4e3b452c9db96049ef94e9a0680
SHA1

fddd4cdef58109403c64a54daf665461aa0abd84
SHA256

53b52e55b25dce93cbee661403d8599865a6f547b9c0dc384a208df92b94af6b
SHA512

2e115c995a18b2c57158231db2d3370cfd9a9fec40e9a34864999cb442fe3cf478d91e831c07e4fc88ac04c11f6814bb021aac5d8d4428705201576fb22ff51f
SSDEEP

768:g/TYCoIxdEk+AxoTZAZHFeq8b37V9q3UELbUXfi6nVMQHI4vcGpvl:gECFd+A6YHAxULRQZl

Score

10^/10

mirai lzrd botnet upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  53b52e55b25dce93cbee661403d8599865a6f547b9c0dc384a208df92b94af6b_JC.elf
- Size
  
  45KB
- MD5
  
  1484e4e3b452c9db96049ef94e9a0680
- SHA1
  
  fddd4cdef58109403c64a54daf665461aa0abd84
- SHA256
  
  53b52e55b25dce93cbee661403d8599865a6f547b9c0dc384a208df92b94af6b
- SHA512
  
  2e115c995a18b2c57158231db2d3370cfd9a9fec40e9a34864999cb442fe3cf478d91e831c07e4fc88ac04c11f6814bb021aac5d8d4428705201576fb22ff51f
- SSDEEP
  
  768:g/TYCoIxdEk+AxoTZAZHFeq8b37V9q3UELbUXfi6nVMQHI4vcGpvl:gECFd+A6YHAxULRQZl
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet