Overview

overview

10

Static

static

5

f9408ca8aa...de.elf

ubuntu-22.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29ef0763121cbdb75d7a0f196afdd8aa.bin

  • Size

    20KB

  • Sample

    250111-bc7t1awlgs

  • MD5

    642903ff4a2addda9307f66f95d7dcd9

  • SHA1

    e13389828cd7ae6bf23f9fd4c172f009c8e61fab

  • SHA256

    c09bbb0c197e76a68a8bcbef23e1a10f2c46050fb4b56c819b92e69811ab04d2

  • SHA512

    68bd0f29d40c8226271b47afd3d30b94b4bd24e7169ea836796cbc68823d985b2d813479b15eb3b1761286052519f3ec80e5f01e006f373ddbc968ce2fcb2b1f

  • SSDEEP

    384:vZXUkH3NAOjx6VyObkWYU8OmLbwV9XXPtEjgkYeyYtrdL7qYVw:P9MroWWw9X1OY4rdL7qv

Score
10/10
mirailzrdbotnetdefense_evasiondiscoverylinuxupx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      f9408ca8aa9716bd4561bf719a6a8f80b88a26cc5379e994f397d3f9b9e8b2de.elf

    • Size

      20KB

    • MD5

      29ef0763121cbdb75d7a0f196afdd8aa

    • SHA1

      22bf2948a5bef3356b4a246012d8bacea8c758b2

    • SHA256

      f9408ca8aa9716bd4561bf719a6a8f80b88a26cc5379e994f397d3f9b9e8b2de

    • SHA512

      76960dcddf809785e59b7ce569805d8283122e4b0c64b306e207de93425a6c16b847ead3e67b1d2580058cbb74451cd4580e075a121683b8a1f53307c0d000a1

    • SSDEEP

      384:Mg4Lpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXadmTb+502F2vwA9dWuMW21bAK1oTw:M98o08kxofBE+ZkXaITbp2F2TWul0c5k

    Score
    10/10
    mirailzrdbotnetdefense_evasiondiscovery

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

      botnetmirai

    • Mirai family

      mirai

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

      defense_evasion

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks