General

  • Target

    1dd5edb43cfbb103dfca5e7b3cf4966c.bin

  • Size

    22KB

  • Sample

    250101-bgh2fa1mgq

  • MD5

    114bc1c9f2ca7b3c9f2d1f2f69f40f64

  • SHA1

    abfb84d89aa2975b83b1ff76db5590c4fbb2dc2c

  • SHA256

    95cfce5c93e0705e76fd12edb012c97261c666bad467ebfa8cc02f620dcddfd2

  • SHA512

    35d4770d10f0b95b5d3e864f1a5f3442ef6ebd2881e3b9072d02d7762cfa00d8957bc7fd96e2f437fa44ac75447f59f8c827d6f3880521f1d3a3cc700303e35b

  • SSDEEP

    384:+t1FBR39TBU0TmkSgjVasF91GCh/o3+S44iueG2WJypHBeqYnvUQt:+jfBUIXVt1GChnS/ijEy2AQt

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      8d78df2168c69653c987155194247ccd402bd933c690b51b45535439ca4eb959.elf

    • Size

      23KB

    • MD5

      1dd5edb43cfbb103dfca5e7b3cf4966c

    • SHA1

      4450cd64e4e0aa7820c3bb8f18063ccf7534fbef

    • SHA256

      8d78df2168c69653c987155194247ccd402bd933c690b51b45535439ca4eb959

    • SHA512

      177aec6bf6ec7e790c499797187c0bda6a0b1176464ff1e549b5029b98c250facdd0a925f73ac9a12c2defb012e44932a7ece25bd7146a37a0cc158bdef10077

    • SSDEEP

      384:YeD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiOemdtJgGlzDpH7uNj1JAh:YeD8ZSWvZHZbs1row697qohQvg9litJr

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder
