General

  • Target

    2f882b8fa0034f325963d7bad1fa9cc700dfed1b3d67c67e951f9f5d68ae16c3.elf

  • Size

    20KB

  • Sample

    241215-clp6zssqdq

  • MD5

    7e25ff4f6a673ee07eb58fc4bebb2c2b

  • SHA1

    2f140e2ad8a685b3e05c024f1338480db4f2b114

  • SHA256

    2f882b8fa0034f325963d7bad1fa9cc700dfed1b3d67c67e951f9f5d68ae16c3

  • SHA512

    957adddd31722dc15365e2de47596bea338c83a14bc58e6bcfdaf266226e53881f0a152e85faf2b55dc74d4910cd2c2226eadfdd125e92dd964478c845c3e958

  • SSDEEP

    384:M0DLpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXaqOKV14b+502F2vwA9dWuMW21bAKu:x98o08kxofBE+ZkXaqGbp2F2TWul0c5r

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
