General

  • Target

    baea0f220cc54868922b02f1f09c5459.elf

  • Size

    24KB

  • Sample

    240408-af2xgsag3s

  • MD5

    baea0f220cc54868922b02f1f09c5459

  • SHA1

    15eeefd777db67d4e963a46c3c826eef34dc91af

  • SHA256

    8919d8299bed5b598eb38f4fa74757cd081043a39327c84edcab0d4e099b9b24

  • SHA512

    c27a3ad9b0c6e8dfcf5263ef986c7709e65d9ad4785781d96d2d5d52ff245170d57a4fcdd84182079de25502f7fc8f6de34d49b848d656e1c81ac9deee339332

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXF5k7D4Kp18MMnDZqSWvsS:4QlS07FUXqIYSXFRKTWVqUS

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder

MITRE ATT&CK Matrix ATT&CK v13

Persistence

  • Hijack Execution Flow (T1574): 1

Privilege Escalation

  • Hijack Execution Flow (T1574): 1

Defense Evasion

  • Impair Defenses (T1562): 1

  • Hijack Execution Flow (T1574): 1
