mirai | b0312721b78f79108078c8dbc25cecb9ed618e3ab833908d189b4c590e39d812 | Triage

Sharing

General

Target

b0312721b78f79108078c8dbc25cecb9ed618e3ab833908d189b4c590e39d812.elf
Size

86KB
Sample

250114-djfefavmcv
MD5

7d0558a4ebbf32f197cefeab3c84937b
SHA1

ffacce0570fa9acb2960b82147ee280065972584
SHA256

b0312721b78f79108078c8dbc25cecb9ed618e3ab833908d189b4c590e39d812
SHA512

858cf48b606e71c13fde72c6f2e4b8d25844d4585ae0f409a6f003c0d13c73984f3b1fad6d144ff473ee9b8947d9f4feb265f292c0ab53fd64f17fc0ae41a04d
SSDEEP

1536:idYcSX1j4q2as9LQjIlaVlkhNYnFPzY2uBteVMwvLvRl61d6KIjW+:idjSXt4qls9xYnF7Y2uUqwR41IjW

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  b0312721b78f79108078c8dbc25cecb9ed618e3ab833908d189b4c590e39d812.elf
- Size
  
  86KB
- MD5
  
  7d0558a4ebbf32f197cefeab3c84937b
- SHA1
  
  ffacce0570fa9acb2960b82147ee280065972584
- SHA256
  
  b0312721b78f79108078c8dbc25cecb9ed618e3ab833908d189b4c590e39d812
- SHA512
  
  858cf48b606e71c13fde72c6f2e4b8d25844d4585ae0f409a6f003c0d13c73984f3b1fad6d144ff473ee9b8947d9f4feb265f292c0ab53fd64f17fc0ae41a04d
- SSDEEP
  
  1536:idYcSX1j4q2as9LQjIlaVlkhNYnFPzY2uBteVMwvLvRl61d6KIjW+:idjSXt4qls9xYnF7Y2uUqwR41IjW
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery