mirai | d51aa3762d34af64d942a947cf4cdd2818bdc70e6a68bc70c95a4565392c4e69 | Triage

Resubmissions

07-02-2025 20:13

250207-yzxc4swjet 10

07-02-2025 20:10

250207-yxsbdaxjfn 10

Sharing

General

Target

5.175.249.223-boatnet.arm6-2025-02-07T185132.elf
Size

45KB
Sample

250207-yzxc4swjet
MD5

c5d5ac2f70d45c13a0c9296115a7b9cb
SHA1

46bb74b604ac5a7a55396fdd319c4702e915c155
SHA256

d51aa3762d34af64d942a947cf4cdd2818bdc70e6a68bc70c95a4565392c4e69
SHA512

66d73348695eaf0031ae5bfd490c7d0cad3f16785674f0befecb0e0ba111df68a3e956eca0c2fb5cd15ad030b5c837656de72d4170fd7aebf98d55fc04370f96
SSDEEP

768:D/TYCoIxdEk+AxoTZAZHFeq8b3J9q3UELmjfTgdGwdh5WGES3yi:DECFd+A6YHAx8L+fMJJp

Score

10^/10

mirai lzrd botnet defense_evasion discovery upx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  5.175.249.223-boatnet.arm6-2025-02-07T185132.elf
- Size
  
  45KB
- MD5
  
  c5d5ac2f70d45c13a0c9296115a7b9cb
- SHA1
  
  46bb74b604ac5a7a55396fdd319c4702e915c155
- SHA256
  
  d51aa3762d34af64d942a947cf4cdd2818bdc70e6a68bc70c95a4565392c4e69
- SHA512
  
  66d73348695eaf0031ae5bfd490c7d0cad3f16785674f0befecb0e0ba111df68a3e956eca0c2fb5cd15ad030b5c837656de72d4170fd7aebf98d55fc04370f96
- SSDEEP
  
  768:D/TYCoIxdEk+AxoTZAZHFeq8b3J9q3UELmjfTgdGwdh5WGES3yi:DECFd+A6YHAx8L+fMJJp
Score

10^/10

mirai lzrd botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdefense_evasiondiscovery