General
-
Target
938aa70dc932c5e04d7b26226591bfa9c18180421958613bac79c72fbcd3145c.sh
-
Size
2KB
-
Sample
241231-c6s4dasrey
-
MD5
7e24e03c8d6c1bafbc85a32aa065853f
-
SHA1
1399f7b9e79afa7fb910eb61f8e7d10b36c64310
-
SHA256
938aa70dc932c5e04d7b26226591bfa9c18180421958613bac79c72fbcd3145c
-
SHA512
0975c2aaae90e309467a37d38bdb48790c56c7efdfe9ad82a69c93d8cd2d25f4eee4e741222b1d455e04913e69380d52f81efe6c1b025e9ef1fd872a0fcac521
Malware Config
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Targets
-
-
Target
938aa70dc932c5e04d7b26226591bfa9c18180421958613bac79c72fbcd3145c.sh
-
Size
2KB
-
MD5
7e24e03c8d6c1bafbc85a32aa065853f
-
SHA1
1399f7b9e79afa7fb910eb61f8e7d10b36c64310
-
SHA256
938aa70dc932c5e04d7b26226591bfa9c18180421958613bac79c72fbcd3145c
-
SHA512
0975c2aaae90e309467a37d38bdb48790c56c7efdfe9ad82a69c93d8cd2d25f4eee4e741222b1d455e04913e69380d52f81efe6c1b025e9ef1fd872a0fcac521
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Mirai family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1