General
-
Target
1.sh
-
Size
2KB
-
Sample
241225-jqdr3s1ndr
-
MD5
f4851a3204539048964a4c54ae3802a3
-
SHA1
0c8507b985f3ae1ae758b5954cbe932419109bdd
-
SHA256
1d3098bddc2fba5485bb668b5da435ac0d740f8ec7b80d4f1a87e2f43a22ab91
-
SHA512
03f75f8f44c3259293734a04aa854fb1057172ebc51ee5277ecc63f2b5ba894d6c2163cf48467e8003b0e979ad613bfe6bf1c2be192fd5d1c92627592a5ad6a3
Static task
static1
Behavioral task
behavioral1
Sample
1.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
1.sh
Resource
debian9-armhf-20240729-en
Behavioral task
behavioral3
Sample
1.sh
Resource
debian9-mipsbe-20240611-en
Malware Config
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Targets
-
-
Target
1.sh
-
Size
2KB
-
MD5
f4851a3204539048964a4c54ae3802a3
-
SHA1
0c8507b985f3ae1ae758b5954cbe932419109bdd
-
SHA256
1d3098bddc2fba5485bb668b5da435ac0d740f8ec7b80d4f1a87e2f43a22ab91
-
SHA512
03f75f8f44c3259293734a04aa854fb1057172ebc51ee5277ecc63f2b5ba894d6c2163cf48467e8003b0e979ad613bfe6bf1c2be192fd5d1c92627592a5ad6a3
-
Mirai family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1