mirai | e1fa9005bd00e93f74f0ac25572ded48334cb7d5b2f823e9072b3a3080782930 | Triage

Sharing

General

Target

boatnet.x86_64
Size

53KB
Sample

250131-glahra1lbm
MD5

850956196317b63e6632bfee15d9b2f6
SHA1

075fdbd57503021072581971fe77664008f39433
SHA256

e1fa9005bd00e93f74f0ac25572ded48334cb7d5b2f823e9072b3a3080782930
SHA512

080d77e1b1dd9d67c5568b5afbdb5f0d2fcb1d5f4021c42578e5d22778a1b06369e4a0ae5183b49c46096666ad40cc012641d7cd27f28d4620b744b2a726fb03
SSDEEP

1536:gfHlPDdJaEcLAeF9TUDWog1HH6ct0QkiuVn4P:yHlPZMEcTFZ2A1HH6y0hVn4P

Score

10^/10

mirai lzrd defense_evasion discovery linux

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  boatnet.x86_64
- Size
  
  53KB
- MD5
  
  850956196317b63e6632bfee15d9b2f6
- SHA1
  
  075fdbd57503021072581971fe77664008f39433
- SHA256
  
  e1fa9005bd00e93f74f0ac25572ded48334cb7d5b2f823e9072b3a3080782930
- SHA512
  
  080d77e1b1dd9d67c5568b5afbdb5f0d2fcb1d5f4021c42578e5d22778a1b06369e4a0ae5183b49c46096666ad40cc012641d7cd27f28d4620b744b2a726fb03
- SSDEEP
  
  1536:gfHlPDdJaEcLAeF9TUDWog1HH6ct0QkiuVn4P:yHlPZMEcTFZ2A1HH6y0hVn4P
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery