General

  • Target

    camp.arm.elf

  • Size

    35KB

  • Sample

    250111-2qjbnstjcy

  • MD5

    2bc0c54817f4ac3e7dcd2c781400fe36

  • SHA1

    5d55e432d4963e016cb9c63b01845e6a992114dc

  • SHA256

    d80ca4b489b5cded17b43d9f3968ba89cf20b938e2aee69cdffcbf336b2539e4

  • SHA512

    ca2c7f61f4d7bcde6adf26b2e7a76adfb89c78abb4e7bbad3557f252b485d2be39b80aa04cd2fa85140016bf4a1bbccd4b47d6db08ccf2186d58446a92febbe4

  • SSDEEP

    768:EJTKmOVP3WWkPgb7lPBIqxwQEECBah3zGKT0+Os3Uozw:EAmO4POPN5Evo3FTzzw

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      camp.arm.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
