mirai | 6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889 | Triage

Sharing

General

Target

6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889.elf
Size

106KB
Sample

241228-cw6aysvjgl
MD5

5eb2edce17e55a31ffa388ae08ba6245
SHA1

79f5b95ccb89ec9375e083e2e78d8cffa107ab40
SHA256

6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889
SHA512

3dab64074597cd55ace8ba99c8f117fef32bedc4ae1376d7388d3122a5f297b4290a854329d34967fdcbcedddbecddc0aa1cf4503352ab70be38f84a2b9215a4
SSDEEP

1536:EiuIJqfyQd84UB/Qc857JAZ559xWcfZcKalcMbl61d6kGGflDa:/ugqfyQdDu59jfpo4HGO1a

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889.elf
- Size
  
  106KB
- MD5
  
  5eb2edce17e55a31ffa388ae08ba6245
- SHA1
  
  79f5b95ccb89ec9375e083e2e78d8cffa107ab40
- SHA256
  
  6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889
- SHA512
  
  3dab64074597cd55ace8ba99c8f117fef32bedc4ae1376d7388d3122a5f297b4290a854329d34967fdcbcedddbecddc0aa1cf4503352ab70be38f84a2b9215a4
- SSDEEP
  
  1536:EiuIJqfyQd84UB/Qc857JAZ559xWcfZcKalcMbl61d6kGGflDa:/ugqfyQdDu59jfpo4HGO1a
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery