mirai | 37c2cc2b739fa0ac2045a11611032505dc10cb6b70525eaa084a066886fdf4c8 | Triage

Sharing

General

Target

37c2cc2b739fa0ac2045a11611032505dc10cb6b70525eaa084a066886fdf4c8.elf
Size

104KB
Sample

250114-ctnywstpav
MD5

0b337eb9a74fdd0d0f2006e4ed7f4c70
SHA1

d31c8c801601c935f0b96efb1dd6ecc47414e800
SHA256

37c2cc2b739fa0ac2045a11611032505dc10cb6b70525eaa084a066886fdf4c8
SHA512

ad0897247af3a62f1e9bfca9ddd95e8c4f27e7abc0bafb7f982aaf7a23aad3e14acaf7ee2cf1294a641e1e8bcf9f0db3b535179d1100aec4f8a90c096e517339
SSDEEP

1536:rWSIow5K0LU/RO1LwHVjShCL8kzmEmfrhdogZeB9il61d60qH:xCfU/ROtsjShCL8kzmEmfNdhGi4XqH

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  37c2cc2b739fa0ac2045a11611032505dc10cb6b70525eaa084a066886fdf4c8.elf
- Size
  
  104KB
- MD5
  
  0b337eb9a74fdd0d0f2006e4ed7f4c70
- SHA1
  
  d31c8c801601c935f0b96efb1dd6ecc47414e800
- SHA256
  
  37c2cc2b739fa0ac2045a11611032505dc10cb6b70525eaa084a066886fdf4c8
- SHA512
  
  ad0897247af3a62f1e9bfca9ddd95e8c4f27e7abc0bafb7f982aaf7a23aad3e14acaf7ee2cf1294a641e1e8bcf9f0db3b535179d1100aec4f8a90c096e517339
- SSDEEP
  
  1536:rWSIow5K0LU/RO1LwHVjShCL8kzmEmfrhdogZeB9il61d60qH:xCfU/ROtsjShCL8kzmEmfNdhGi4XqH
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery