mirai | 4fb97899f26e6715a1bb345de563a5379532e10f28b03df103a194f4c713988a | Triage

Sharing

General

Target

4fb97899f26e6715a1bb345de563a5379532e10f28b03df103a194f4c713988a.elf
Size

83KB
Sample

250117-fffbdasmdx
MD5

1829a100f9c7b0564d194c315a7b5ac9
SHA1

d3bc9592bba4679ab0b98c16feb50e85ec9abe99
SHA256

4fb97899f26e6715a1bb345de563a5379532e10f28b03df103a194f4c713988a
SHA512

8a3f99b273935e65e9c2691f70212630bd450867be3fc48f5f1ae76d23bf1d6c98dcf7ed12ddd04921eb7688b5267b05b09643dd85f29e3b910cdfd75a99ba87
SSDEEP

1536:qpB2MuSQpjYeOeRdQEhuHXzirrIpjtTK2GyvqHPzY9Jl61d68I:qpGSEYeOeRdNkLjJK2Vqvzw4vI

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  4fb97899f26e6715a1bb345de563a5379532e10f28b03df103a194f4c713988a.elf
- Size
  
  83KB
- MD5
  
  1829a100f9c7b0564d194c315a7b5ac9
- SHA1
  
  d3bc9592bba4679ab0b98c16feb50e85ec9abe99
- SHA256
  
  4fb97899f26e6715a1bb345de563a5379532e10f28b03df103a194f4c713988a
- SHA512
  
  8a3f99b273935e65e9c2691f70212630bd450867be3fc48f5f1ae76d23bf1d6c98dcf7ed12ddd04921eb7688b5267b05b09643dd85f29e3b910cdfd75a99ba87
- SSDEEP
  
  1536:qpB2MuSQpjYeOeRdQEhuHXzirrIpjtTK2GyvqHPzY9Jl61d68I:qpGSEYeOeRdNkLjJK2Vqvzw4vI
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery