General

  • Target

    6f30551085376afd0fe00be9cd7964a4.bin

  • Size

    35KB

  • Sample

    241112-bqkavs1gmn

  • MD5

    1588e1ed5081099480253412a12f60ef

  • SHA1

    28db262102a8f34e0e72fd7528a77580fc33641c

  • SHA256

    ee3db66c7b0e5d166b27efbf776597c9e5b5bfaeaa0597f6a6a1160423b2616c

  • SHA512

    6d0ed463bd99e04122c6dd89e24f7e82eccc4d7e5ff4326f2d4b134eb1f4f2e8b5ac59c6355f41b123c8b3471ff3ea32e365fa9842f70dae0b1af51f214b937f

  • SSDEEP

    768:6b9sWid1AYl1O7KBydTRuK0A+xqUmnTCMvReG:6xsWid1budIDAb3R7

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Target

      e27460f82d4b29d46e902573c344ea43fb28f87441508232d8fdb1a0eb47a74f.elf

    • Size

      36KB

    • MD5

      6f30551085376afd0fe00be9cd7964a4

    • SHA1

      0543929d23cd2cf8a8e77e1f335134913e60770f

    • SHA256

      e27460f82d4b29d46e902573c344ea43fb28f87441508232d8fdb1a0eb47a74f

    • SHA512

      91739913bb1bef30f17b6a354c58f0eb7e8520615cb7afae05ff4cad05707ac47dc30b24bf0ec14b7a3a0fc4c6816247c667274dbe6873db6f2e2c9f38c598ec

    • SSDEEP

      768:/JLR/W7ThZdFW7v2ZJdNWK/fPquiYKqdlqGNX0wiXuDAisdEkGoxETWx0J:xV2zdITqJnqu3dTVLOdZGEXQ

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
