mirai | bf1fedba1e7390e1dfbdc9c457becad2f648225f4b47f46e73f39a0b1399e86b | Triage

Resubmissions

18-03-2024 18:38

240318-w984jsga5v 10

18-03-2024 18:33

240318-w7kceafh6s 10

Sharing

General

Target

bf1fedba1e7390e1dfbdc9c457becad2f648225f4b47f46e73f39a0b1399e86b.elf
Size

1.5MB
Sample

240318-w984jsga5v
MD5

f7238b04094dc492ab999e2811657cb5
SHA1

8f3724105b9c2bedf7519684b0ec3b0bd203d483
SHA256

bf1fedba1e7390e1dfbdc9c457becad2f648225f4b47f46e73f39a0b1399e86b
SHA512

14c32713a749e245a4887a8c5c02a9ace1f2a160613de0d0c16f9b58bd130e04500a488893ca42095bf33c501b3bd990dbb917ca85706846ee741914cec55e5b
SSDEEP

24576:Cfnxp8kJVX5PSWFB5+ulIaN4TueJv6sMgH8gBWlSZeFdgPnvh:CfoknuMesIHzWdgPnp

Score

10^/10

mirai lzrd botnet persistence

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  bf1fedba1e7390e1dfbdc9c457becad2f648225f4b47f46e73f39a0b1399e86b.elf
- Size
  
  1.5MB
- MD5
  
  f7238b04094dc492ab999e2811657cb5
- SHA1
  
  8f3724105b9c2bedf7519684b0ec3b0bd203d483
- SHA256
  
  bf1fedba1e7390e1dfbdc9c457becad2f648225f4b47f46e73f39a0b1399e86b
- SHA512
  
  14c32713a749e245a4887a8c5c02a9ace1f2a160613de0d0c16f9b58bd130e04500a488893ca42095bf33c501b3bd990dbb917ca85706846ee741914cec55e5b
- SSDEEP
  
  24576:Cfnxp8kJVX5PSWFB5+ulIaN4TueJv6sMgH8gBWlSZeFdgPnvh:CfoknuMesIHzWdgPnp
Score

10^/10

mirai lzrd botnet persistence
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetpersistence