mirai | fc03a4fb38ed1ef9da5812a2243a65975d2fdeb6d555a9d59c839359fa79722b | Triage

Sharing

General

Target

fc03a4fb38ed1ef9da5812a2243a65975d2fdeb6d555a9d59c839359fa79722b.elf
Size

174KB
Sample

241214-rl28wavkdz
MD5

19547bbc78e371f9cc8720cd4507b8cd
SHA1

dd89d08565c3bfb4b0f7035138f0041dcf674b76
SHA256

fc03a4fb38ed1ef9da5812a2243a65975d2fdeb6d555a9d59c839359fa79722b
SHA512

a81cb1aafef9ecd3fd1427004276b251af45e04c90d691198b7ca56d63fa109575d785b7c09c4f07dccafc2c7aa3a49f559474f55893b8ac6718a0a25e22b068
SSDEEP

3072:hPaJa2+7oLmpMguHcUZVUHalw7W4uH0fsfCikyAaTpUnu1A6YVZP6QEt+q4eMXCD:hPaJaL7oLmpMguHcUZVUHalw7W4uH0fg

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  fc03a4fb38ed1ef9da5812a2243a65975d2fdeb6d555a9d59c839359fa79722b.elf
- Size
  
  174KB
- MD5
  
  19547bbc78e371f9cc8720cd4507b8cd
- SHA1
  
  dd89d08565c3bfb4b0f7035138f0041dcf674b76
- SHA256
  
  fc03a4fb38ed1ef9da5812a2243a65975d2fdeb6d555a9d59c839359fa79722b
- SHA512
  
  a81cb1aafef9ecd3fd1427004276b251af45e04c90d691198b7ca56d63fa109575d785b7c09c4f07dccafc2c7aa3a49f559474f55893b8ac6718a0a25e22b068
- SSDEEP
  
  3072:hPaJa2+7oLmpMguHcUZVUHalw7W4uH0fsfCikyAaTpUnu1A6YVZP6QEt+q4eMXCD:hPaJaL7oLmpMguHcUZVUHalw7W4uH0fg
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery