mirai | f8bc63428a2d49e6703a62585c01c70247c5e7c8ecb95c4fdd147a25317776fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

boatnet.arm7
Size

45KB
Sample

231011-vbbvqacd72
MD5

16fbbc453c113f547514e827e3145c71
SHA1

34a26231a1ba07882e5b3759e8e982a5a5e11e1c
SHA256

f8bc63428a2d49e6703a62585c01c70247c5e7c8ecb95c4fdd147a25317776fc
SHA512

5137c4e9149524ecef8797f935c51dc48069cf36821b5829871fdde256a25cc28ca28892449c34b28c6667b66bf696072ee804c04b05afab3af08cb2192bf9af
SSDEEP

768:5/TYCoIxdEk+AxoTZAZHFeq8b3ik9q3UELbUXfi6nVMQHI4vcGpv0:5ECFd+A6YHAxiNLRQZ0

Score

10^/10

mirai lzrd botnet upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  boatnet.arm7
- Size
  
  45KB
- MD5
  
  16fbbc453c113f547514e827e3145c71
- SHA1
  
  34a26231a1ba07882e5b3759e8e982a5a5e11e1c
- SHA256
  
  f8bc63428a2d49e6703a62585c01c70247c5e7c8ecb95c4fdd147a25317776fc
- SHA512
  
  5137c4e9149524ecef8797f935c51dc48069cf36821b5829871fdde256a25cc28ca28892449c34b28c6667b66bf696072ee804c04b05afab3af08cb2192bf9af
- SSDEEP
  
  768:5/TYCoIxdEk+AxoTZAZHFeq8b3ik9q3UELbUXfi6nVMQHI4vcGpv0:5ECFd+A6YHAxiNLRQZ0
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet