mirai | da9c35337e4411d969573ef09c6d7bfb31746ccb541f8672077c3b2f9e2de71d | Triage

Sharing

General

Target

1614173ac0287d645cd6eb1851c0d840.elf
Size

36KB
Sample

230508-vy9p9sde8x
MD5

1614173ac0287d645cd6eb1851c0d840
SHA1

20f36a97332e66df06574802956e4b361d2c4f50
SHA256

da9c35337e4411d969573ef09c6d7bfb31746ccb541f8672077c3b2f9e2de71d
SHA512

d85bbffb175cb3dd54c8453ad87d7b4492aa2408f91dcfcdac9dd415bacf66d68897e5bf75b29f502a3f39d8afdd0d78a08b7b396d48712baa2a1aeea4e0e1a1
SSDEEP

768:kaZaZqJH0UNLIfJzQJi372HsOtyHpJddkW7JzmLYS9q3UELe:ka8ZqK2kfJzQA37UsEiz6wLe

Score

10^/10

mirai botnet botnet upx

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  1614173ac0287d645cd6eb1851c0d840.elf
- Size
  
  36KB
- MD5
  
  1614173ac0287d645cd6eb1851c0d840
- SHA1
  
  20f36a97332e66df06574802956e4b361d2c4f50
- SHA256
  
  da9c35337e4411d969573ef09c6d7bfb31746ccb541f8672077c3b2f9e2de71d
- SHA512
  
  d85bbffb175cb3dd54c8453ad87d7b4492aa2408f91dcfcdac9dd415bacf66d68897e5bf75b29f502a3f39d8afdd0d78a08b7b396d48712baa2a1aeea4e0e1a1
- SSDEEP
  
  768:kaZaZqJH0UNLIfJzQJi372HsOtyHpJddkW7JzmLYS9q3UELe:ka8ZqK2kfJzQA37UsEiz6wLe
Score

10^/10

mirai botnet botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Changes its process name
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

miraibotnetbotnet