mirai | 898aabc9633231e530c8a5ce539c80b11535aacbc9f28740cf42016eee0fc787 | Triage

Sharing

General

Target

byte.x86.elf
Size

73KB
Sample

250113-fgtkdsyrep
MD5

a2451f6bd0eb6b177d5f40d71e0e4059
SHA1

fc3baa30b559b41ce64fef7eda787f37bb43077e
SHA256

898aabc9633231e530c8a5ce539c80b11535aacbc9f28740cf42016eee0fc787
SHA512

8ed3383b471ccad5c5919e2c4aac64573d12decee13b6d25a643c4e2b48701952a462647247d657fa22a941eeff6b4b97695ddd77c00445df27dd75ee45d07cb
SSDEEP

1536:6SYXBbpKbF+5AQZKOtRDXVFxKbgMj+B3bEKoui0QOo/Y0TB3:SbobF+5QOth3AbgMj+xbyuPXopt3

Score

10^/10

mirai lzrd defense_evasion discovery linux

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  byte.x86.elf
- Size
  
  73KB
- MD5
  
  a2451f6bd0eb6b177d5f40d71e0e4059
- SHA1
  
  fc3baa30b559b41ce64fef7eda787f37bb43077e
- SHA256
  
  898aabc9633231e530c8a5ce539c80b11535aacbc9f28740cf42016eee0fc787
- SHA512
  
  8ed3383b471ccad5c5919e2c4aac64573d12decee13b6d25a643c4e2b48701952a462647247d657fa22a941eeff6b4b97695ddd77c00445df27dd75ee45d07cb
- SSDEEP
  
  1536:6SYXBbpKbF+5AQZKOtRDXVFxKbgMj+B3bEKoui0QOo/Y0TB3:SbobF+5QOth3AbgMj+xbyuPXopt3
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery