mirai | 68c2fcf60067e85d9f5cd21b27ef05a0f9761fd344cb904b51fb76267814ab8c | Triage

Submit
Reports

Overview

overview

Static

static

7

89f9822595...98c3c8

ubuntu-18.04-amd64

Sharing

General

Target

89f9822595b4b6f46e2fa8bcac98c3c8
Size

28KB
Sample

231220-gqchxaegen
MD5

89f9822595b4b6f46e2fa8bcac98c3c8
SHA1

924d120b168560466c09f9a4ee017f7fd2c0f853
SHA256

68c2fcf60067e85d9f5cd21b27ef05a0f9761fd344cb904b51fb76267814ab8c
SHA512

316dbddfa1392b66dc03ed6eb25b691d11e127bb3c9742c17eb06f2d29ad40027438d055bf1e857f341ae00e4176f045c3d03e5b1879d4dbf877a036a1f8d1f2
SSDEEP

768:wVFb9ucRQTBcVU5MNF9QD80tKjJnw82GExKrNp6t/:wbtRacyO9+80tKlB2G2Kne/

Score

10^/10

mirai lzrd botnet discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

89f9822595b4b6f46e2fa8bcac98c3c8

Resource

ubuntu1804-amd64-20231215-en

mirai lzrd botnet discovery

ubuntu-18.04-amd64

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  89f9822595b4b6f46e2fa8bcac98c3c8
- Size
  
  28KB
- MD5
  
  89f9822595b4b6f46e2fa8bcac98c3c8
- SHA1
  
  924d120b168560466c09f9a4ee017f7fd2c0f853
- SHA256
  
  68c2fcf60067e85d9f5cd21b27ef05a0f9761fd344cb904b51fb76267814ab8c
- SHA512
  
  316dbddfa1392b66dc03ed6eb25b691d11e127bb3c9742c17eb06f2d29ad40027438d055bf1e857f341ae00e4176f045c3d03e5b1879d4dbf877a036a1f8d1f2
- SSDEEP
  
  768:wVFb9ucRQTBcVU5MNF9QD80tKjJnw82GExKrNp6t/:wbtRacyO9+80tKlB2G2Kne/
Score

10^/10

mirai lzrd botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20498) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdiscovery

© 2018-2025

Terms | Privacy