mirai | 97322a6ff08acd8f891873bff362bb9b5825e8b67781a5f39095be11adf9432b | Triage

Submit
Reports

Overview

overview

Static

static

5

97322a6ff0...2b.elf

debian-9-armhf

Sharing

General

Target

97322a6ff08acd8f891873bff362bb9b5825e8b67781a5f39095be11adf9432b.elf
Size

62KB
Sample

250307-fy99gavsgs
MD5

159048424443d3cb27457baf3b8d9f70
SHA1

24e4fb942c3e4adfd13cf0903b825f6ca939a461
SHA256

97322a6ff08acd8f891873bff362bb9b5825e8b67781a5f39095be11adf9432b
SHA512

cae9e1ea0f703739a38694e2467c1ad165f6ce31745db94eba9218b0c69a75d21e981418093c696164442c52992aac6171bf95de0173304f72bd6547e97da69e
SSDEEP

1536:fQ/ipBWTCfV9N49ZjetCi643L+TUi6iBRp+Oc:IKpsTiW9EtCi9LAPTd+1

Score

10^/10

mirai lzrd botnet defense_evasion discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

97322a6ff08acd8f891873bff362bb9b5825e8b67781a5f39095be11adf9432b.elf

Resource

debian9-armhf-20240418-en

mirai lzrd botnet defense_evasion discovery

debian-9-armhf

6 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  97322a6ff08acd8f891873bff362bb9b5825e8b67781a5f39095be11adf9432b.elf
- Size
  
  62KB
- MD5
  
  159048424443d3cb27457baf3b8d9f70
- SHA1
  
  24e4fb942c3e4adfd13cf0903b825f6ca939a461
- SHA256
  
  97322a6ff08acd8f891873bff362bb9b5825e8b67781a5f39095be11adf9432b
- SHA512
  
  cae9e1ea0f703739a38694e2467c1ad165f6ce31745db94eba9218b0c69a75d21e981418093c696164442c52992aac6171bf95de0173304f72bd6547e97da69e
- SSDEEP
  
  1536:fQ/ipBWTCfV9N49ZjetCi643L+TUi6iBRp+Oc:IKpsTiW9EtCi9LAPTd+1
Score

10^/10

mirai lzrd botnet defense_evasion discovery
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- Contacts a large (23906) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mirailzrdbotnetdefense_evasiondiscovery

© 2018-2025

Terms | Privacy