mirai | 7cb5f1e850454e179f86aff1fbe72b0ce7fbd2d45a6e6e46bdbca863becb297d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae4a6b348157963f05ba573ae5375cd1.elf
Size

45KB
Sample

230919-gxledshc72
MD5

ae4a6b348157963f05ba573ae5375cd1
SHA1

16d719ae45b719eb7b3ee69af6bda8f8028a0caa
SHA256

7cb5f1e850454e179f86aff1fbe72b0ce7fbd2d45a6e6e46bdbca863becb297d
SHA512

1f974e11478ee6e0332733b86a5b3d0d2ae9a9dcb2f2507a79c3c7b0387a1e59a19fb38bbe9475517824b677e4f12336faa274451042d7f7f663fc756e6c9009
SSDEEP

768:D/TYCoIxdEk+AxoTZAZHFeq8b3t9q3UELbUXfi6nVMQHI4vcGpvQ:DECFd+A6YHAxALRQZQ

Score

10^/10

mirai lzrd botnet upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  ae4a6b348157963f05ba573ae5375cd1.elf
- Size
  
  45KB
- MD5
  
  ae4a6b348157963f05ba573ae5375cd1
- SHA1
  
  16d719ae45b719eb7b3ee69af6bda8f8028a0caa
- SHA256
  
  7cb5f1e850454e179f86aff1fbe72b0ce7fbd2d45a6e6e46bdbca863becb297d
- SHA512
  
  1f974e11478ee6e0332733b86a5b3d0d2ae9a9dcb2f2507a79c3c7b0387a1e59a19fb38bbe9475517824b677e4f12336faa274451042d7f7f663fc756e6c9009
- SSDEEP
  
  768:D/TYCoIxdEk+AxoTZAZHFeq8b3t9q3UELbUXfi6nVMQHI4vcGpvQ:DECFd+A6YHAxALRQZQ
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet