mirai | f3b52a4a251dee204cf50c4a7a84f9c0c68bbd96a415cb53554550bff1a8ef29 | Triage

Sharing

General

Target

326-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

230629-zmxzjsfa52
MD5

338036bf13842b001d1495beca538f1c
SHA1

f3b96c214951362765ac3ff210e2833dfba9063b
SHA256

f3b52a4a251dee204cf50c4a7a84f9c0c68bbd96a415cb53554550bff1a8ef29
SHA512

e789068d86d6c78b49f2d83434969b7a5b3b8319b3eca448afd0f99c1f22ed753971d303fa921a7f10a0e7a2999bc305f9c2e6f3cdf093983e524ac2c59db9f2
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESttP:oJPEB8NWq9hqqd0V

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  326-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  338036bf13842b001d1495beca538f1c
- SHA1
  
  f3b96c214951362765ac3ff210e2833dfba9063b
- SHA256
  
  f3b52a4a251dee204cf50c4a7a84f9c0c68bbd96a415cb53554550bff1a8ef29
- SHA512
  
  e789068d86d6c78b49f2d83434969b7a5b3b8319b3eca448afd0f99c1f22ed753971d303fa921a7f10a0e7a2999bc305f9c2e6f3cdf093983e524ac2c59db9f2
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESttP:oJPEB8NWq9hqqd0V
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1