mirai | 4b90d61e3d218094e95cfc1e7c19546ebf23028f98e8131e206ff763ec6745c7 | Triage

Sharing

General

Target

byte.arm5.elf
Size

83KB
Sample

250113-e5ewgaylhm
MD5

c2eefd0cfd61dc78fee7e7dde690b735
SHA1

a641e1b3ee6c9689da21217d5a9410d699bb3f97
SHA256

4b90d61e3d218094e95cfc1e7c19546ebf23028f98e8131e206ff763ec6745c7
SHA512

aeef5888c40249ed1274446a818d5b7b11e345b8a58b626c7081b4bf1a31b22b054989975d41e7a1fbebbab18dbb5fa1dff8c0e176fd6ec11fe7145a051ec7d7
SSDEEP

1536:SpB2MuSQpjYeO2ld8EFiHXzGrrclTdJmyq+lxWHPzY51l61d6KI:SpGSEYeO2ldFw3TrmyDxWvzY41I

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  byte.arm5.elf
- Size
  
  83KB
- MD5
  
  c2eefd0cfd61dc78fee7e7dde690b735
- SHA1
  
  a641e1b3ee6c9689da21217d5a9410d699bb3f97
- SHA256
  
  4b90d61e3d218094e95cfc1e7c19546ebf23028f98e8131e206ff763ec6745c7
- SHA512
  
  aeef5888c40249ed1274446a818d5b7b11e345b8a58b626c7081b4bf1a31b22b054989975d41e7a1fbebbab18dbb5fa1dff8c0e176fd6ec11fe7145a051ec7d7
- SSDEEP
  
  1536:SpB2MuSQpjYeO2ld8EFiHXzGrrclTdJmyq+lxWHPzY51l61d6KI:SpGSEYeO2ldFw3TrmyDxWvzY41I
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery