mirai | 93084ea17f04b88fb4c141a506a2cb51997b8b8f3b388004f81b14e77f44edd6 | Triage

Sharing

General

Target

SecuriteInfo.com.Heur.20230530002723960375230.elf
Size

22KB
Sample

230530-arq95aeb63
MD5

d39a6d7ead04376672e1a968fb064a69
SHA1

739138dc46d534f2241207b3c26f203f402c944a
SHA256

93084ea17f04b88fb4c141a506a2cb51997b8b8f3b388004f81b14e77f44edd6
SHA512

f9569f7aa11bef0393303972c601683be9cc20744d7e7e3ac5a7f7eb4ebc21b28c9828dcbbb601aa8c1d13e12c77fa3fb4a0838a5e955a526433df16db32b0a3
SSDEEP

384:WwJQXFP+E625FEBEBw2utsjLodzkLBbepegdgpidv9XNXShcaJgGlzDpH0+73ssh:W1X1oMyycTeBysgdWOv9XMlJgGlzDpUa

Score

10^/10

mirai botnet upx

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Heur.20230530002723960375230.elf
- Size
  
  22KB
- MD5
  
  d39a6d7ead04376672e1a968fb064a69
- SHA1
  
  739138dc46d534f2241207b3c26f203f402c944a
- SHA256
  
  93084ea17f04b88fb4c141a506a2cb51997b8b8f3b388004f81b14e77f44edd6
- SHA512
  
  f9569f7aa11bef0393303972c601683be9cc20744d7e7e3ac5a7f7eb4ebc21b28c9828dcbbb601aa8c1d13e12c77fa3fb4a0838a5e955a526433df16db32b0a3
- SSDEEP
  
  384:WwJQXFP+E625FEBEBw2utsjLodzkLBbepegdgpidv9XNXShcaJgGlzDpH0+73ssh:W1X1oMyycTeBysgdWOv9XMlJgGlzDpUa
Score

10^/10

mirai botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Impair Defenses

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1