General
-
Target
c2714ff4ee98f85de0bb1db36fe0686bd252712fb57eddc3feb4638903c288ee.sh
-
Size
2KB
-
Sample
250126-ejnw9a1mew
-
MD5
17dd5d8084206f6fc1220c00f306c8a7
-
SHA1
f5a1e23a8ec3c955a188c5f0e8487323046589bb
-
SHA256
c2714ff4ee98f85de0bb1db36fe0686bd252712fb57eddc3feb4638903c288ee
-
SHA512
39bc89258fa7fd88b67e530d7f2b0a65aacfaf4c93c102bddc9e4bfafbe5b9f5047a3ab54ca05feade7398a2a52be1c59ce29241ab1093f2f0de331c0106600a
Malware Config
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Targets
-
-
Target
c2714ff4ee98f85de0bb1db36fe0686bd252712fb57eddc3feb4638903c288ee.sh
-
Size
2KB
-
MD5
17dd5d8084206f6fc1220c00f306c8a7
-
SHA1
f5a1e23a8ec3c955a188c5f0e8487323046589bb
-
SHA256
c2714ff4ee98f85de0bb1db36fe0686bd252712fb57eddc3feb4638903c288ee
-
SHA512
39bc89258fa7fd88b67e530d7f2b0a65aacfaf4c93c102bddc9e4bfafbe5b9f5047a3ab54ca05feade7398a2a52be1c59ce29241ab1093f2f0de331c0106600a
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Mirai family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1