mirai | a0e64f441429f1f80da8285856c1008f1a1ed4d236653b679b3f77e60fd25a0a | Triage

Sharing

General

Target

a0e64f441429f1f80da8285856c1008f1a1ed4d236653b679b3f77e60fd25a0a.elf
Size

83KB
Sample

241229-c2qgpazmhj
MD5

805711447838f98416cca520f3f10800
SHA1

0c91fdfd84cb40128e4ee25b2af26cd64344e4ce
SHA256

a0e64f441429f1f80da8285856c1008f1a1ed4d236653b679b3f77e60fd25a0a
SHA512

90cdedc7b3957e04080247eb94cccb606db6406dc14ae75f3109c2a25c5c666ea8939f9aa36fc06937626041bd0e710d72dc7cb8512943079b31affb9616d435
SSDEEP

1536:SpB2MuSQpjYeO2ld8EFiHXzGrrclTdJmyq+lxWHPzY51l61d6KI:SpGSEYeO2ldFw3TrmyDxWvzY41I

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  a0e64f441429f1f80da8285856c1008f1a1ed4d236653b679b3f77e60fd25a0a.elf
- Size
  
  83KB
- MD5
  
  805711447838f98416cca520f3f10800
- SHA1
  
  0c91fdfd84cb40128e4ee25b2af26cd64344e4ce
- SHA256
  
  a0e64f441429f1f80da8285856c1008f1a1ed4d236653b679b3f77e60fd25a0a
- SHA512
  
  90cdedc7b3957e04080247eb94cccb606db6406dc14ae75f3109c2a25c5c666ea8939f9aa36fc06937626041bd0e710d72dc7cb8512943079b31affb9616d435
- SSDEEP
  
  1536:SpB2MuSQpjYeO2ld8EFiHXzGrrclTdJmyq+lxWHPzY51l61d6KI:SpGSEYeO2ldFw3TrmyDxWvzY41I
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery