mirai | d1b8fe918f0baa5caa3261e64f22a5c680eab278c57fbedd3b990a27cf677bc1 | Triage

Sharing

General

Target

ub8ehJSePAfc9FYqZIT6.x86_64.elf
Size

78KB
Sample

241113-q3jbnasmbw
MD5

ad7cf51c3a7814b58d8eb586f23bf0cc
SHA1

2b92c49d7db83feb5f0acc5684b1fcc3aa3d0624
SHA256

d1b8fe918f0baa5caa3261e64f22a5c680eab278c57fbedd3b990a27cf677bc1
SHA512

b3e9ad817554cea0732d41819ba7eaaf6abf532464eabe874318f105e2691517d3814a719cad703e05b7bb1702310aee6a3fc18b1b661cbf34fed6d8e9b400e8
SSDEEP

1536:gtQ59MwY2MhldlO+ttM98cKJdxZZxJ+BAQoEQ1It3R+yd5bUWarW8j0tZxH1c2Ym:gfwfsdlX/3AnmM

Score

10^/10

mirai lzrd defense_evasion discovery linux

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  ub8ehJSePAfc9FYqZIT6.x86_64.elf
- Size
  
  78KB
- MD5
  
  ad7cf51c3a7814b58d8eb586f23bf0cc
- SHA1
  
  2b92c49d7db83feb5f0acc5684b1fcc3aa3d0624
- SHA256
  
  d1b8fe918f0baa5caa3261e64f22a5c680eab278c57fbedd3b990a27cf677bc1
- SHA512
  
  b3e9ad817554cea0732d41819ba7eaaf6abf532464eabe874318f105e2691517d3814a719cad703e05b7bb1702310aee6a3fc18b1b661cbf34fed6d8e9b400e8
- SSDEEP
  
  1536:gtQ59MwY2MhldlO+ttM98cKJdxZZxJ+BAQoEQ1It3R+yd5bUWarW8j0tZxH1c2Ym:gfwfsdlX/3AnmM
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery