mirai | ec69d11dde5dc4cff65132963aaea9218e92b371fd9ca8f8cd1b220bd23925a4 | Triage

Sharing

General

Target

5eb2edce17e55a31ffa388ae08ba6245.bin
Size

44KB
Sample

241229-bqrd6sxqbz
MD5

af99fcf05256d5a4855b0f300d9db6ee
SHA1

e1cd04eace307758f1a945c87bc9c14ab7bf14ce
SHA256

ec69d11dde5dc4cff65132963aaea9218e92b371fd9ca8f8cd1b220bd23925a4
SHA512

5863de8e6c9b509fb5c4f211e2723a6f8ad476f918db28c1092347f3913b680e2caaad034eff8b7f74dabf12715ed625c1e7d1a5d3f82d596e7826648c0777e5
SSDEEP

768:Z6r42knWDOvV50KJsqSWgMDhHrSysTFHLwWOhaA7Twv/g0klqBflwfvT8/vD/MQ9:Z6r4lWAVGKXXVZrSysTJkn7QHkqB9w3Q

Score

10^/10

mirai lzrd defense_evasion

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889.elf
- Size
  
  106KB
- MD5
  
  5eb2edce17e55a31ffa388ae08ba6245
- SHA1
  
  79f5b95ccb89ec9375e083e2e78d8cffa107ab40
- SHA256
  
  6af1aed67c38f6e2a207c731347ecb984d8545ea7d2a4e2811f3e81702b3a889
- SHA512
  
  3dab64074597cd55ace8ba99c8f117fef32bedc4ae1376d7388d3122a5f297b4290a854329d34967fdcbcedddbecddc0aa1cf4503352ab70be38f84a2b9215a4
- SSDEEP
  
  1536:EiuIJqfyQd84UB/Qc857JAZ559xWcfZcKalcMbl61d6kGGflDa:/ugqfyQdDu59jfpo4HGO1a
Score

7^/10

defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion