mirai | 4193d53ba0e6cc2f9f341ed932d2afc4dafe7f92ba6019573157b9dd951fdc57 | Triage

Submit
Reports

Overview

overview

Static

static

c0a2482d67...c1018e

debian-9-mips

9

Sharing

General

Target

c0a2482d67bbdbbdf22328d63bc1018e
Size

87KB
Sample

240311-p32ybsfc67
MD5

c0a2482d67bbdbbdf22328d63bc1018e
SHA1

8573468abca33e0e9fbf86cd16180ec06782b54b
SHA256

4193d53ba0e6cc2f9f341ed932d2afc4dafe7f92ba6019573157b9dd951fdc57
SHA512

75c0a9639f097ec77c3600c4a722199e0e32917d73089a53a9fd6b2d421dfdde833211d886956d2fd70061b67d53768ed3e4ad69320a2ba16aeefa87d1f05458
SSDEEP

1536:1YRdsnDd6C6gb/ZVyDYjMbwqZ9f0vfwW9ufY1C+KBtyRirfXDOiOP3J:CHsnD8/gb/zyDv9f0HD9FC+KBtyR6/DM

Score

10^/10

mirai lzrd discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c0a2482d67bbdbbdf22328d63bc1018e

Resource

debian9-mipsbe-20240226-en

debian-9-mips

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  c0a2482d67bbdbbdf22328d63bc1018e
- Size
  
  87KB
- MD5
  
  c0a2482d67bbdbbdf22328d63bc1018e
- SHA1
  
  8573468abca33e0e9fbf86cd16180ec06782b54b
- SHA256
  
  4193d53ba0e6cc2f9f341ed932d2afc4dafe7f92ba6019573157b9dd951fdc57
- SHA512
  
  75c0a9639f097ec77c3600c4a722199e0e32917d73089a53a9fd6b2d421dfdde833211d886956d2fd70061b67d53768ed3e4ad69320a2ba16aeefa87d1f05458
- SSDEEP
  
  1536:1YRdsnDd6C6gb/ZVyDYjMbwqZ9f0vfwW9ufY1C+KBtyRirfXDOiOP3J:CHsnD8/gb/zyDv9f0HD9FC+KBtyR6/DM
Score

9^/10

discovery
- Contacts a large (20410) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy