mirai | 03d81203018c2c61e0ed6806a66e17a58cad8e2403a9f7624e202e1ee3fd4663 | Triage

Submit
Reports

Overview

overview

Static

static

1

d814a1dd2a...kes118

debian-12-mipsel

Sharing

General

Target

d814a1dd2acc0ccbb2f8636681d6f1a4_JaffaCakes118
Size

32KB
Sample

241208-vgwgbavjbn
MD5

d814a1dd2acc0ccbb2f8636681d6f1a4
SHA1

04d9a8eacdd602b9ee3552bb030996cd040aceeb
SHA256

03d81203018c2c61e0ed6806a66e17a58cad8e2403a9f7624e202e1ee3fd4663
SHA512

49860e0b4bc8e563ddc97eaf430ee0abe5f0dd21af93ca64b1cbe2c81ccde37291490d55b8fe021d2fbb6bf9688328b1644a1f9a43e7ca08ff9852f878bc2e46
SSDEEP

384:GatIUSvIisL8qvXPy2iYEwNXEu8+SbcHs1mijnxLaebQyXr4RSPY2enkYluI+iAt:FIUAsYaXP6yM5jJzn4qM1lKHcLmWRU

Score

10^/10

mirai lzrd botnet defense_evasion discovery

Static task

static1

Behavioral task

behavioral1

Sample

d814a1dd2acc0ccbb2f8636681d6f1a4_JaffaCakes118

Resource

debian12-mipsel-20240221-en

mirai lzrd botnet defense_evasion discovery

debian-12-mipsel

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  d814a1dd2acc0ccbb2f8636681d6f1a4_JaffaCakes118
- Size
  
  32KB
- MD5
  
  d814a1dd2acc0ccbb2f8636681d6f1a4
- SHA1
  
  04d9a8eacdd602b9ee3552bb030996cd040aceeb
- SHA256
  
  03d81203018c2c61e0ed6806a66e17a58cad8e2403a9f7624e202e1ee3fd4663
- SHA512
  
  49860e0b4bc8e563ddc97eaf430ee0abe5f0dd21af93ca64b1cbe2c81ccde37291490d55b8fe021d2fbb6bf9688328b1644a1f9a43e7ca08ff9852f878bc2e46
- SSDEEP
  
  384:GatIUSvIisL8qvXPy2iYEwNXEu8+SbcHs1mijnxLaebQyXr4RSPY2enkYluI+iAt:FIUAsYaXP6yM5jJzn4qM1lKHcLmWRU
Score

10^/10

mirai lzrd botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (23509) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy