General

  • Target

    jj.x86

  • Size

    25KB

  • Sample

    240417-edzfssed6w

  • MD5

    f36effcde464d955a70b30db46ae037c

  • SHA1

    72ba055e4ae9d4ea393e91ff875ce80f8ea320f9

  • SHA256

    acd64831abe65ab67ec3140e664bceae1ad9ea47af8f8e7e91d738951d1fb074

  • SHA512

    f17f1009af7635182371aa10a935e72fab5ab59810f1e7f38ad630a034e1b37ad74e57463bbaa1e55ee714f4db58090fbddf548750a78efb76e8fa3a02b63faf

  • SSDEEP

    384:M+vESEONdjOL+jtbriI+orLz80JGFiVx1eLmgnNYwU5ceKFV1KbUdnByF73ow49y:ES7N1O4BAg8Wt1MpNYLKFHHByF30sTb3

Malware Config

Extracted

Family

mirai

Botnet

LZRD

C2

www.sushiking.world

s.sushiking.world

Targets

    • Target

      jj.x86

    Score
    10/10
    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Matrix ATT&CK v13

Defense Evasion

Impair Defenses

1
T1562

Discovery

System Network Connections Discovery

1
T1049

System Network Configuration Discovery

1
T1016

Tasks