mirai | 7bf1c6c468fdc92eb6dcbd43ed6318295b65cb36d651d5bea5e6fd825c60f922 | Triage

Sharing

General

Target

7bf1c6c468fdc92eb6dcbd43ed6318295b65cb36d651d5bea5e6fd825c60f922.elf
Size

24KB
Sample

250109-c3cxzsxken
MD5

d862cb0f2fa92e7d70795dfc9652516b
SHA1

bcbac30c3011ba17ece59c1264802988b24d124a
SHA256

7bf1c6c468fdc92eb6dcbd43ed6318295b65cb36d651d5bea5e6fd825c60f922
SHA512

17f67ac3fc332606206f08afea9ee936418fff5d632ce4140e554045c37b87b209d59d73a8d5399cccac78ca3c6fae5053843069c51d260c3ab2aabe97601835
SSDEEP

768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpu3ZqSWvK:4QlS07FUXqIYSXQKquuJqC

Score

10^/10

mirai lzrd botnet defense_evasion upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  7bf1c6c468fdc92eb6dcbd43ed6318295b65cb36d651d5bea5e6fd825c60f922.elf
- Size
  
  24KB
- MD5
  
  d862cb0f2fa92e7d70795dfc9652516b
- SHA1
  
  bcbac30c3011ba17ece59c1264802988b24d124a
- SHA256
  
  7bf1c6c468fdc92eb6dcbd43ed6318295b65cb36d651d5bea5e6fd825c60f922
- SHA512
  
  17f67ac3fc332606206f08afea9ee936418fff5d632ce4140e554045c37b87b209d59d73a8d5399cccac78ca3c6fae5053843069c51d260c3ab2aabe97601835
- SSDEEP
  
  768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpu3ZqSWvK:4QlS07FUXqIYSXQKquuJqC
Score

10^/10

mirai lzrd botnet defense_evasion
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdefense_evasion