mirai | e76d37dc584871945719a86adc02d4f041aca86465872590cfb208cd57c46cb1 | Triage

Sharing

General

Target

e76d37dc584871945719a86adc02d4f041aca86465872590cfb208cd57c46cb1.elf
Size

32KB
Sample

240507-b85phsda7v
MD5

43e11544aaec72564d64c7116c5f78dd
SHA1

e14dd28ceebb013e8e4c3b60699b6e294477aa1f
SHA256

e76d37dc584871945719a86adc02d4f041aca86465872590cfb208cd57c46cb1
SHA512

126a0ec228a3aa101b944a6a8b2e4dd9805396adea6a2d3e7f985c611899ecdb0430b0c6e86aa4c4eb75bd3f3d310217e5390ac58eac50d60182a3a397e05d1b
SSDEEP

768:y0ccAAbmczyM7yAdRJkM/EUMXy5NjK7Xl5Th3/BNBahO:RBPDNLJkM/xnSrBNBEO

Score

10^/10

mirai lzrd botnet linux upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  e76d37dc584871945719a86adc02d4f041aca86465872590cfb208cd57c46cb1.elf
- Size
  
  32KB
- MD5
  
  43e11544aaec72564d64c7116c5f78dd
- SHA1
  
  e14dd28ceebb013e8e4c3b60699b6e294477aa1f
- SHA256
  
  e76d37dc584871945719a86adc02d4f041aca86465872590cfb208cd57c46cb1
- SHA512
  
  126a0ec228a3aa101b944a6a8b2e4dd9805396adea6a2d3e7f985c611899ecdb0430b0c6e86aa4c4eb75bd3f3d310217e5390ac58eac50d60182a3a397e05d1b
- SSDEEP
  
  768:y0ccAAbmczyM7yAdRJkM/EUMXy5NjK7Xl5Th3/BNBahO:RBPDNLJkM/xnSrBNBEO
Score

10^/10

mirai lzrd botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnet