mirai | d737e57fba973c888911755ae175867cb0e10f6ae29e76b420873962635b5ea6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

329-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

230612-s4gwbsdd6y
MD5

0d7ea3e72e6d66434e2e6365c385be5c
SHA1

425b7f4ed61b92834eade9d32692845ee089d740
SHA256

d737e57fba973c888911755ae175867cb0e10f6ae29e76b420873962635b5ea6
SHA512

55dbb5f4fc7dc30606dcd22b15ca631bccb8e58e898a66360182ba00071f599144ed62b3a1b9d0c4cbf94ca07a6857b148afdfb20e5b64f2835e65b28ba1402f
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStdP:oJPEB8NWq9hqqd0F

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  329-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  0d7ea3e72e6d66434e2e6365c385be5c
- SHA1
  
  425b7f4ed61b92834eade9d32692845ee089d740
- SHA256
  
  d737e57fba973c888911755ae175867cb0e10f6ae29e76b420873962635b5ea6
- SHA512
  
  55dbb5f4fc7dc30606dcd22b15ca631bccb8e58e898a66360182ba00071f599144ed62b3a1b9d0c4cbf94ca07a6857b148afdfb20e5b64f2835e65b28ba1402f
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStdP:oJPEB8NWq9hqqd0F
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1