mirai | ac235af3909684e6ffd2e4d6271086b84d4a8b6e4f9009f4877beb0a9ecdcd2d | Triage

Submit
Reports

Overview

overview

Static

static

arm.elf

debian-9-armhf

9

Sharing

General

Target

arm.elf
Size

76KB
Sample

241130-zrj89avnew
MD5

751d7355900a752e8e45714f4985430e
SHA1

d4fcc48f9fd858c5dadf815172276d8d44183d3f
SHA256

ac235af3909684e6ffd2e4d6271086b84d4a8b6e4f9009f4877beb0a9ecdcd2d
SHA512

9271a954198ac408d6458830c9d87666e1781de96f49dc67be2eb65c25c56eac5ad2917e4a19585534ad4e83fc464425bdafbb1eabe1dfe4dd290134cd581253
SSDEEP

1536:ThY2PMyjy2Xqz7O8WzV2mZjj75xl3w6+TM7W05SG4AJeZWfnb8s6eGM:ThY2PJw6+70kG4cwCnbyeP

Score

10^/10

mirai lzrd defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

arm.elf

Resource

debian9-armhf-20240611-en

defense_evasion discovery

debian-9-armhf

5 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  arm.elf
- Size
  
  76KB
- MD5
  
  751d7355900a752e8e45714f4985430e
- SHA1
  
  d4fcc48f9fd858c5dadf815172276d8d44183d3f
- SHA256
  
  ac235af3909684e6ffd2e4d6271086b84d4a8b6e4f9009f4877beb0a9ecdcd2d
- SHA512
  
  9271a954198ac408d6458830c9d87666e1781de96f49dc67be2eb65c25c56eac5ad2917e4a19585534ad4e83fc464425bdafbb1eabe1dfe4dd290134cd581253
- SSDEEP
  
  1536:ThY2PMyjy2Xqz7O8WzV2mZjj75xl3w6+TM7W05SG4AJeZWfnb8s6eGM:ThY2PJw6+70kG4cwCnbyeP
Score

9^/10

defense_evasion discovery
- Contacts a large (19852) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy