mirai | 56a3f7ce55b08c27403a32c1c9941db1fce1a7a1a09a86aa267c143de87466cf | Triage

Sharing

General

Target

0f04a53b4b4870c9b8d541a6f27631c0.bin
Size

74KB
Sample

241229-bc5dwaxner
MD5

d4f9c05fa2e12c9e022b2a13616b52d4
SHA1

25cdc8a4a86dd141ce09833d01798a2cb15aa1d9
SHA256

56a3f7ce55b08c27403a32c1c9941db1fce1a7a1a09a86aa267c143de87466cf
SHA512

c8ce8be608f5521fa22f3e70eb553ba4083eedba91a0ec7df0a96da475596f89b46a31535979d210ba8bbfa9529b4788962f699a8a4d1309e1610795d0e48d20
SSDEEP

1536:JvieiSZvUmupWiEwi+RTdAXA0NhtPTHyIYM28n/mHBD4zlE:Jqe7vfuMYUA0NHPTSIG8gMe

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  5da633f7a8255cbb98c8a7e20275283dfbd32e8caf222d8427ced92340a4fc0c.elf
- Size
  
  164KB
- MD5
  
  0f04a53b4b4870c9b8d541a6f27631c0
- SHA1
  
  1e83cbdd12395dcc9ad121ce594fb7051963a029
- SHA256
  
  5da633f7a8255cbb98c8a7e20275283dfbd32e8caf222d8427ced92340a4fc0c
- SHA512
  
  f39c883a0322f375d7c1525ac68eeec975964cf924e965b88ec8ccb1beadfb6a524d5b14c008b861224f64fddb2ed158d29eb52e2188d648be64cf058deebeef
- SSDEEP
  
  3072:3UvDiabnHsGC3AalhgyCT6097HjvNMI41Mb+ewAM/9VYGbCo:3UvmabH4AalhgyCOo3N6Mb+eTM/9VYFo
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery