General
-
Target
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1.sh
-
Size
3KB
-
Sample
241224-ge37gssjhs
-
MD5
8cadf8766bc5de0f7f7df9bf000cd0aa
-
SHA1
fa6c2f9c7a20a3c1c6831d859d4b809aadf49567
-
SHA256
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1
-
SHA512
8859f146c24023b97e34f53eda375ce9a0df64037806c86271d00a596a37097afbb7cfa4ffe1df2d58b4ed252fb048277ae8c3fc304be1551a33541390c8bac2
Static task
static1
Behavioral task
behavioral1
Sample
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1.sh
Resource
debian9-mipsbe-20240418-en
Malware Config
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Targets
-
-
Target
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1.sh
-
Size
3KB
-
MD5
8cadf8766bc5de0f7f7df9bf000cd0aa
-
SHA1
fa6c2f9c7a20a3c1c6831d859d4b809aadf49567
-
SHA256
c2688b90a1a2a5833e5ae2615d293da746c03c300413e39a14ff40ecc332c7f1
-
SHA512
8859f146c24023b97e34f53eda375ce9a0df64037806c86271d00a596a37097afbb7cfa4ffe1df2d58b4ed252fb048277ae8c3fc304be1551a33541390c8bac2
-
Mirai family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1