Malware Analysis Report

2024-11-13 18:02

Sample ID 241109-qyhvbsvjd1
Target dlr.x86.elf
SHA256 a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425
Tags mirai lzrd botnet
Score 10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 10/10
SHA256 a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425

Threat Level: Known bad

The file dlr.x86.elf was found to be: Known bad.

Malicious Activity Summary

mirai lzrd botnet

Mirai

Mirai family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported 2024-11-09 13:40

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-11-09 13:40
Reported 2024-11-09 13:42
Platform ubuntu2404-amd64-20240729-en
Max time kernel 1s
Max time network 128s

Command Line

[/tmp/dlr.x86.elf]

Signatures

Mirai

botnet mirai

Mirai family

mirai

Processes

/tmp/dlr.x86.elf

[/tmp/dlr.x86.elf]

Network

Country  Destination        Domain          Proto
N/A      224.0.0.251:5353                   udp
US       154.216.16.127:80  154.216.16.127  tcp

Files

/tmp/byte

MD5 34ef09c6bfa12c8bb0a4eb1111163f49
SHA1 374e5712df7fba870afd7c7897c5bc23ba205f61
SHA256 537907609ffc903d04b1aa5309d9bd02b95a31f343763ae83cd61f9c1b797438
SHA512 4aecdc6165268aa3a214581b5bb1311ebd17b9a7f573fc45a914fd3c1b7c38faffbe7ca21628ca37752417c8270a66fa34d544a4e315271f462dd31953bd902f