mirai | 4c395d3dc437c2555afeef40fb80444c5a064e5783545ad057e0957412c1ce57 | Triage

Submit
Reports

Overview

overview

Static

static

7

4c395d3dc4...57.elf

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

Target

4c395d3dc437c2555afeef40fb80444c5a064e5783545ad057e0957412c1ce57.elf
Size

33KB
Sample

240912-bypwbathph
MD5

65b6addc2390a77ab736810c77e77a7f
SHA1

46838f4bb68bdb345f8da80a56f792483912ee10
SHA256

4c395d3dc437c2555afeef40fb80444c5a064e5783545ad057e0957412c1ce57
SHA512

5cf51b645aec3458fa4c223fc59011faab477ce438ee72871b07be45f5470ebb61e165dbf356d9c63ef162bea8cc2b15c73abd5f9e3d71a7520f618b0cf09886
SSDEEP

384:d6w1SWoC/LTxdh0xBbasNu7HHmg4oHIdgQ2BaCW3OXr3rhMwtZanrrsyT3kI7A/q:dB0WtXxX4FW7HSgfwOb5tZI/xjLU/LWb

Score

10^/10

mirai lzrd botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4c395d3dc437c2555afeef40fb80444c5a064e5783545ad057e0957412c1ce57.elf

Resource

debian9-mipsel-20240226-en

mirai lzrd botnet defense_evasion discovery

debian-9-mipsel

5 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  4c395d3dc437c2555afeef40fb80444c5a064e5783545ad057e0957412c1ce57.elf
- Size
  
  33KB
- MD5
  
  65b6addc2390a77ab736810c77e77a7f
- SHA1
  
  46838f4bb68bdb345f8da80a56f792483912ee10
- SHA256
  
  4c395d3dc437c2555afeef40fb80444c5a064e5783545ad057e0957412c1ce57
- SHA512
  
  5cf51b645aec3458fa4c223fc59011faab477ce438ee72871b07be45f5470ebb61e165dbf356d9c63ef162bea8cc2b15c73abd5f9e3d71a7520f618b0cf09886
- SSDEEP
  
  384:d6w1SWoC/LTxdh0xBbasNu7HHmg4oHIdgQ2BaCW3OXr3rhMwtZanrrsyT3kI7A/q:dB0WtXxX4FW7HSgfwOb5tZI/xjLU/LWb
Score

10^/10

mirai lzrd botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Contacts a large (20342) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy