mirai | 331ed660c89c86ce4c15135f319f4bd434a6cf785a37b052e223e15531cb6726 | Triage

Submit
Reports

Overview

overview

Static

static

417a0aaf8e...1926c9

debian-9-mipsel

9

Sharing

Copy URL Twitter E-mail

General

Target

417a0aaf8e24d2fb2beb1d78601926c9
Size

89KB
Sample

231219-215yescea7
MD5

417a0aaf8e24d2fb2beb1d78601926c9
SHA1

329fd324792032b09b780756899957306873595b
SHA256

331ed660c89c86ce4c15135f319f4bd434a6cf785a37b052e223e15531cb6726
SHA512

f15db61d0a61b91be0066d227e20fca3f976dfdb0520053c069d4601e104613b12e8e356ac2861be2fe5d01b85b1b2b9444100dc955ae4460668b0a74868387a
SSDEEP

1536:NYCYxrXP40ODyPwHRQ9PlzTRfyToNoZqgi:qCYxrKDy46Nh

Score

10^/10

mirai lzrd discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

417a0aaf8e24d2fb2beb1d78601926c9

Resource

debian9-mipsel-20231215-en

debian-9-mipsel

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  417a0aaf8e24d2fb2beb1d78601926c9
- Size
  
  89KB
- MD5
  
  417a0aaf8e24d2fb2beb1d78601926c9
- SHA1
  
  329fd324792032b09b780756899957306873595b
- SHA256
  
  331ed660c89c86ce4c15135f319f4bd434a6cf785a37b052e223e15531cb6726
- SHA512
  
  f15db61d0a61b91be0066d227e20fca3f976dfdb0520053c069d4601e104613b12e8e356ac2861be2fe5d01b85b1b2b9444100dc955ae4460668b0a74868387a
- SSDEEP
  
  1536:NYCYxrXP40ODyPwHRQ9PlzTRfyToNoZqgi:qCYxrKDy46Nh
Score

9^/10

discovery
- Contacts a large (16890) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy