mirai | 96d0b2ae7f57ee69b30870481a5a2bc820e818945b88ce1183f3e185be7a59b4 | Triage

Sharing

General

Target

96d0b2ae7f57ee69b30870481a5a2bc820e818945b88ce1183f3e185be7a59b4.elf
Size

54KB
Sample

240212-e1lhfsbb83
MD5

2e3c3da156c331de90cd5de6eff18f33
SHA1

7a7c93f62325c9ba5420e1ae5aed02c2333c25ee
SHA256

96d0b2ae7f57ee69b30870481a5a2bc820e818945b88ce1183f3e185be7a59b4
SHA512

66aa4281b83118c0e50cb913e54f79819b1a32a6bef525f9130e687ec485358a21b9cfb661106edf837edcdccca381534a170c751c20eeed626edee006a96a9a
SSDEEP

1536:/M99jmL8BZp9IFUoWKdYuvQ54wIqkypZ:/M9VrmypZ

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  96d0b2ae7f57ee69b30870481a5a2bc820e818945b88ce1183f3e185be7a59b4.elf
- Size
  
  54KB
- MD5
  
  2e3c3da156c331de90cd5de6eff18f33
- SHA1
  
  7a7c93f62325c9ba5420e1ae5aed02c2333c25ee
- SHA256
  
  96d0b2ae7f57ee69b30870481a5a2bc820e818945b88ce1183f3e185be7a59b4
- SHA512
  
  66aa4281b83118c0e50cb913e54f79819b1a32a6bef525f9130e687ec485358a21b9cfb661106edf837edcdccca381534a170c751c20eeed626edee006a96a9a
- SSDEEP
  
  1536:/M99jmL8BZp9IFUoWKdYuvQ54wIqkypZ:/M9VrmypZ
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1