mirai | 07436ba06220ede5338f7f770e7c6a660f11e3bbebba6c92d5988d5f512b4983 | Triage

Sharing

General

Target

07436ba06220ede5338f7f770e7c6a660f11e3bbebba6c92d5988d5f512b4983.elf
Size

118KB
Sample

241214-cjsjbsvjgp
MD5

034bae419c844c89b42d2b39200d15ca
SHA1

3cfaf658fc0bf57fd431c430693cff7a342781bc
SHA256

07436ba06220ede5338f7f770e7c6a660f11e3bbebba6c92d5988d5f512b4983
SHA512

a08cc0ec6b0012dd5b816b0ea12773b289a80ed8322751c855d71b9aa397f8193c0db3f1b193e92f1ac80b23a6dc02ddbfa9d730cb220e23fa54534653ab0083
SSDEEP

1536:BGmnLpEKrHc9o8uGC9KF86e//F7ogl/f4ZLpL35FstAPeemQSl61d6vZgum:RLuKrHc3Cd5ln4vRaQS44Zg

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  07436ba06220ede5338f7f770e7c6a660f11e3bbebba6c92d5988d5f512b4983.elf
- Size
  
  118KB
- MD5
  
  034bae419c844c89b42d2b39200d15ca
- SHA1
  
  3cfaf658fc0bf57fd431c430693cff7a342781bc
- SHA256
  
  07436ba06220ede5338f7f770e7c6a660f11e3bbebba6c92d5988d5f512b4983
- SHA512
  
  a08cc0ec6b0012dd5b816b0ea12773b289a80ed8322751c855d71b9aa397f8193c0db3f1b193e92f1ac80b23a6dc02ddbfa9d730cb220e23fa54534653ab0083
- SSDEEP
  
  1536:BGmnLpEKrHc9o8uGC9KF86e//F7ogl/f4ZLpL35FstAPeemQSl61d6vZgum:RLuKrHc3Cd5ln4vRaQS44Zg
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery