mirai | 26fa352495ea60edee171ec62e55c137b679249db19cdbb0ea6c2feee42a99e3 | Triage

Sharing

General

Target

26fa352495ea60edee171ec62e55c137b679249db19cdbb0ea6c2feee42a99e3.elf
Size

86KB
Sample

250117-e7l3kasrdm
MD5

4ee22dcda4050eb75dff55530fe19743
SHA1

bf9da8ef99aaefb9da9d6f35de7349fba47d5bb7
SHA256

26fa352495ea60edee171ec62e55c137b679249db19cdbb0ea6c2feee42a99e3
SHA512

65f6211a03e526caaaa88b1971c303c706b819f6ec695b603d7d9c020b6c0712835b4fdaa376f426ef54046593882c9011d840a87b7188be5dca072a9c9d117a
SSDEEP

1536:CdYcSX1jQq2aA93QjIlGVlwpRY7hvusiCfyVMwjLvVl61d68IXW+:CdjSXtQqlA9pY7hmsidqEV4vIXW

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  26fa352495ea60edee171ec62e55c137b679249db19cdbb0ea6c2feee42a99e3.elf
- Size
  
  86KB
- MD5
  
  4ee22dcda4050eb75dff55530fe19743
- SHA1
  
  bf9da8ef99aaefb9da9d6f35de7349fba47d5bb7
- SHA256
  
  26fa352495ea60edee171ec62e55c137b679249db19cdbb0ea6c2feee42a99e3
- SHA512
  
  65f6211a03e526caaaa88b1971c303c706b819f6ec695b603d7d9c020b6c0712835b4fdaa376f426ef54046593882c9011d840a87b7188be5dca072a9c9d117a
- SSDEEP
  
  1536:CdYcSX1jQq2aA93QjIlGVlwpRY7hvusiCfyVMwjLvVl61d68IXW+:CdjSXtQqlA9pY7hmsidqEV4vIXW
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery