mirai | 501f1c58d1f02c1509ce69b664eee87f9a810ea9da36dd2dae8dfde57b2830ef | Triage

Sharing

General

Target

ub8ehJSePAfc9FYqZIT6.arm6.elf
Size

96KB
Sample

241113-rv9z3stdkg
MD5

50764748025fde68ca734cbb0dbb7d5f
SHA1

44cde5575433851efe7453f2e16e70eb6d550b36
SHA256

501f1c58d1f02c1509ce69b664eee87f9a810ea9da36dd2dae8dfde57b2830ef
SHA512

ebef93a907d6a08a164d8cbf8694fcb9e6132b559abc80b8a6a2d401725ec06b8761b588a25458083f35f588bcf86dd3d07a6b7ba40c49314cdf95048eb86e19
SSDEEP

1536:nXnpuoZnZ4N5Q029rn5bzi1ARLBKUY4mYhbyMOrlcDZlmcKqF36riFNYIGYVKWdR:MSaNNcJBB3Ir2ZlmcKMFN1DUEJ

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  ub8ehJSePAfc9FYqZIT6.arm6.elf
- Size
  
  96KB
- MD5
  
  50764748025fde68ca734cbb0dbb7d5f
- SHA1
  
  44cde5575433851efe7453f2e16e70eb6d550b36
- SHA256
  
  501f1c58d1f02c1509ce69b664eee87f9a810ea9da36dd2dae8dfde57b2830ef
- SHA512
  
  ebef93a907d6a08a164d8cbf8694fcb9e6132b559abc80b8a6a2d401725ec06b8761b588a25458083f35f588bcf86dd3d07a6b7ba40c49314cdf95048eb86e19
- SSDEEP
  
  1536:nXnpuoZnZ4N5Q029rn5bzi1ARLBKUY4mYhbyMOrlcDZlmcKqF36riFNYIGYVKWdR:MSaNNcJBB3Ir2ZlmcKMFN1DUEJ
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery