mirai | 8434d699b1e920d09e20db6060a3ed04ea102b59bdd051833e7c65b90ac27b10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32810x004000000x00452a58m.dmp
Size

73KB
Sample

230704-phnj7scf45
MD5

c5fc6ffd9b693019b06dd1247b2a53b5
SHA1

2968eb9079c5b5853c094b28f323d66328433990
SHA256

8434d699b1e920d09e20db6060a3ed04ea102b59bdd051833e7c65b90ac27b10
SHA512

126e5b0aab004837dfb00fa074209e115b60fdecc5d31fae26163ecf35b188b0d12c0f4de4cab97f30067ba794b1be0a8dc76f45c7c36b5f2b2c92900530f857
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStBP:oJPEB8NWq9hqqd0J

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  32810x004000000x00452a58m.dmp
- Size
  
  73KB
- MD5
  
  c5fc6ffd9b693019b06dd1247b2a53b5
- SHA1
  
  2968eb9079c5b5853c094b28f323d66328433990
- SHA256
  
  8434d699b1e920d09e20db6060a3ed04ea102b59bdd051833e7c65b90ac27b10
- SHA512
  
  126e5b0aab004837dfb00fa074209e115b60fdecc5d31fae26163ecf35b188b0d12c0f4de4cab97f30067ba794b1be0a8dc76f45c7c36b5f2b2c92900530f857
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStBP:oJPEB8NWq9hqqd0J
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1