mirai | e590feb2ce6af402042fffe39bb0a568fc2016cd25625129e6bbf64639aa32ed | Triage

Submit
Reports

Overview

overview

Static

static

7

fb7f27c9df...kes118

ubuntu-18.04-amd64

Sharing

General

Target

fb7f27c9df23dcd5fa7bab3bf0ac4135_JaffaCakes118
Size

27KB
Sample

240420-anaszabc88
MD5

fb7f27c9df23dcd5fa7bab3bf0ac4135
SHA1

0c2d8b9ace849dd4e032a85b6546a77de75187ea
SHA256

e590feb2ce6af402042fffe39bb0a568fc2016cd25625129e6bbf64639aa32ed
SHA512

53359f20c0acff7d0e8f3105841a752d8836b86b702441dfd39377492c91c5654150af856b7b62573a80db3bfad33b1369a56542a646047a235b11752fbe4f65
SSDEEP

768:uTCjy36BnC/FOzQiYADu9FIMxIGDgL3kKfYwN:ZzBnC/EzQiYMurpxIGDu3ko

Score

10^/10

mirai lzrd botnet discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fb7f27c9df23dcd5fa7bab3bf0ac4135_JaffaCakes118

Resource

ubuntu1804-amd64-20240226-en

mirai lzrd botnet discovery

ubuntu-18.04-amd64

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  fb7f27c9df23dcd5fa7bab3bf0ac4135_JaffaCakes118
- Size
  
  27KB
- MD5
  
  fb7f27c9df23dcd5fa7bab3bf0ac4135
- SHA1
  
  0c2d8b9ace849dd4e032a85b6546a77de75187ea
- SHA256
  
  e590feb2ce6af402042fffe39bb0a568fc2016cd25625129e6bbf64639aa32ed
- SHA512
  
  53359f20c0acff7d0e8f3105841a752d8836b86b702441dfd39377492c91c5654150af856b7b62573a80db3bfad33b1369a56542a646047a235b11752fbe4f65
- SSDEEP
  
  768:uTCjy36BnC/FOzQiYADu9FIMxIGDgL3kKfYwN:ZzBnC/EzQiYMurpxIGDu3ko
Score

10^/10

mirai lzrd botnet discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20608) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

mirailzrdbotnetdiscovery

© 2018-2024

Terms | Privacy