General

  • Target

    1.sh

  • Size

    2KB

  • Sample

    241225-jqdr3s1ndr

  • MD5

    f4851a3204539048964a4c54ae3802a3

  • SHA1

    0c8507b985f3ae1ae758b5954cbe932419109bdd

  • SHA256

    1d3098bddc2fba5485bb668b5da435ac0d740f8ec7b80d4f1a87e2f43a22ab91

  • SHA512

    03f75f8f44c3259293734a04aa854fb1057172ebc51ee5277ecc63f2b5ba894d6c2163cf48467e8003b0e979ad613bfe6bf1c2be192fd5d1c92627592a5ad6a3

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Extracted

Family

mirai

Botnet

LZRD

Extracted

Family

mirai

Botnet

LZRD

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      1.sh

    • Size

      2KB

    • MD5

      f4851a3204539048964a4c54ae3802a3

    • SHA1

      0c8507b985f3ae1ae758b5954cbe932419109bdd

    • SHA256

      1d3098bddc2fba5485bb668b5da435ac0d740f8ec7b80d4f1a87e2f43a22ab91

    • SHA512

      03f75f8f44c3259293734a04aa854fb1057172ebc51ee5277ecc63f2b5ba894d6c2163cf48467e8003b0e979ad613bfe6bf1c2be192fd5d1c92627592a5ad6a3

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks