General

  • Target

    34a14580ccf090cc765f6de7ca0ae05a.bin

  • Size

    22KB

  • Sample

    250110-bgw83awphy

  • MD5

    6a81e34871cfddfceb870fbe9c3a0b3c

  • SHA1

    fbd13bde4bfba1cddaeb627994e52a1f144c9773

  • SHA256

    64b30564903eaae36760193b78d7049ed09ca8c7e2fc01a6b1fc46ab71a101e2

  • SHA512

    8d837ccd5778759cbdcd618f00157f3fb88d7674ca951cc895ecf12c89b459a4c96270d41a9786ee9e82a3d6490e6425bde99400f56e42a01bcac8e8ed099b45

  • SSDEEP

    384:0ZK6Y3Jox0J3NQOCNDQ03MP/Ee6MQf1TkgJaEWyrIcIol/1Skb3zRlYzhA:0Z1UeCID1cP/SNfagw1yUcIQ/QkplYze

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      45d5bf1f35db78f9674a412ba6b248755fecd3ef3f6ed6883becced625c16cd8.elf

    • Size

      23KB

    • MD5

      34a14580ccf090cc765f6de7ca0ae05a

    • SHA1

      5ac27b634e71242cb87f6be2befe81395ee7c4e3

    • SHA256

      45d5bf1f35db78f9674a412ba6b248755fecd3ef3f6ed6883becced625c16cd8

    • SHA512

      365fd885d8e3ffe382a7d81ae65b84e99502d420e91e2e246b7ca0e974717affb3f591ee4edfebca019b5a817693bf5a233bf73907b1529378c6b5762bca9811

    • SSDEEP

      384:YeD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiDQrmdtJgGlzDpH7uNj1Ja:YeD8ZSWvZHZbs1row697qohQvg9DQrif

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks