mirai | 87a060aa73b265bb4a4336636cb698bfbbb2816b102f4363412ec0ff12f272fc | Triage

Submit
Reports

Overview

overview

Static

static

7

87a060aa73...fc.elf

debian-12-mipsel

Sharing

General

Target

87a060aa73b265bb4a4336636cb698bfbbb2816b102f4363412ec0ff12f272fc.elf
Size

28KB
Sample

240426-bqpwcagh67
MD5

5fcf827521ca236e06e8de70b29f294b
SHA1

323ee4bc5f95705700f6d942d017f230f59de0fd
SHA256

87a060aa73b265bb4a4336636cb698bfbbb2816b102f4363412ec0ff12f272fc
SHA512

04324901cb24d9d83db6eb7a3fda5f37266099c67e1be66afe816890462a2a67946976eb25259ffd890e851f4df4381c474220260da9b853173ce7bda58cafbf
SSDEEP

384:lZafyAaXspkybkZwe3WKU7vUMiFTygskWwdn5ojl/Yx00b1GPVRzqjXrPpxy0XRn:l+y1XsBbd8Xy3jgoA5kl/glw9RopnBW6

Score

10^/10

mirai lzrd botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

87a060aa73b265bb4a4336636cb698bfbbb2816b102f4363412ec0ff12f272fc.elf

Resource

debian12-mipsel-20240221-en

mirai lzrd botnet

debian-12-mipsel

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

C2

www.sushiking.world

s.sushiking.world

Targets

- Target
  
  87a060aa73b265bb4a4336636cb698bfbbb2816b102f4363412ec0ff12f272fc.elf
- Size
  
  28KB
- MD5
  
  5fcf827521ca236e06e8de70b29f294b
- SHA1
  
  323ee4bc5f95705700f6d942d017f230f59de0fd
- SHA256
  
  87a060aa73b265bb4a4336636cb698bfbbb2816b102f4363412ec0ff12f272fc
- SHA512
  
  04324901cb24d9d83db6eb7a3fda5f37266099c67e1be66afe816890462a2a67946976eb25259ffd890e851f4df4381c474220260da9b853173ce7bda58cafbf
- SSDEEP
  
  384:lZafyAaXspkybkZwe3WKU7vUMiFTygskWwdn5ojl/Yx00b1GPVRzqjXrPpxy0XRn:l+y1XsBbd8Xy3jgoA5kl/glw9RopnBW6
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

mirailzrdbotnet

© 2018-2024

Terms | Privacy