General
-
Target
97494a11ca5c4b52978092cc55a411f7ee8790a358549c8c7523d2d27820ac01.sh
-
Size
2KB
-
Sample
250307-fzcdtsvsgt
-
MD5
92b0a18b935a6afdea317d573967bd1e
-
SHA1
09eeb86ddb300ff70f09613b2f50813488851c74
-
SHA256
97494a11ca5c4b52978092cc55a411f7ee8790a358549c8c7523d2d27820ac01
-
SHA512
0abac2769286e7dcd3893ac64e604556418e134ddc6b5b38b9a7353fe3cb3048da3fa189416ec05c83147ca1f4c0a8dca2513f2fe7c93927097267884933dc14
Malware Config
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Extracted
mirai
LZRD
Targets
-
-
Target
97494a11ca5c4b52978092cc55a411f7ee8790a358549c8c7523d2d27820ac01.sh
-
Size
2KB
-
MD5
92b0a18b935a6afdea317d573967bd1e
-
SHA1
09eeb86ddb300ff70f09613b2f50813488851c74
-
SHA256
97494a11ca5c4b52978092cc55a411f7ee8790a358549c8c7523d2d27820ac01
-
SHA512
0abac2769286e7dcd3893ac64e604556418e134ddc6b5b38b9a7353fe3cb3048da3fa189416ec05c83147ca1f4c0a8dca2513f2fe7c93927097267884933dc14
Score10/10-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Mirai family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1