mirai | df4b89e3ff79fb2f83b477ded990dde9b9a556ab29a72ad4f4b86af23acc40f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0xh0roxxnavebusyoo.x86.elf
Size

56KB
Sample

230705-3v5wxahg2t
MD5

527c43e347098fd22fe19a8b67f2349a
SHA1

026e755d8ab0d4eb44c75f398dd751d8c2e04252
SHA256

df4b89e3ff79fb2f83b477ded990dde9b9a556ab29a72ad4f4b86af23acc40f9
SHA512

2bfa7106b5e118a02acec4d67110b98c15d6d17b15d3d43093a59fafd13ab7a281b8d5942ee327dec9cc4c2d41fbf8c1edde64a94afe4b3053a73229267ab0fd
SSDEEP

1536:CVKFOD7prJkaNup1COy7O/HgepDaLiwui7EPZP8xI:XFOXprOfPTy7yHgepDaLru31Q

Score

10^/10

mirai linux

Malware Config

Extracted

Family

mirai

C2

the.timestop.online

Targets

- Target
  
  0xh0roxxnavebusyoo.x86.elf
- Size
  
  56KB
- MD5
  
  527c43e347098fd22fe19a8b67f2349a
- SHA1
  
  026e755d8ab0d4eb44c75f398dd751d8c2e04252
- SHA256
  
  df4b89e3ff79fb2f83b477ded990dde9b9a556ab29a72ad4f4b86af23acc40f9
- SHA512
  
  2bfa7106b5e118a02acec4d67110b98c15d6d17b15d3d43093a59fafd13ab7a281b8d5942ee327dec9cc4c2d41fbf8c1edde64a94afe4b3053a73229267ab0fd
- SSDEEP
  
  1536:CVKFOD7prJkaNup1COy7O/HgepDaLiwui7EPZP8xI:XFOXprOfPTy7yHgepDaLru31Q
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1