mirai | 68c75ab4644e3eb23547d5fe682893839c970b652310cfe6c24902ae0b68bd65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

594-1-0x0000000008048000-0x00000000080547a0-memory.dmp
Size

48KB
Sample

230823-fkgd8sbc9t
MD5

fef293931595f11be8c4279a6b888114
SHA1

cb96536f279ab24cde895bfcdbf31f0b0e0211f3
SHA256

68c75ab4644e3eb23547d5fe682893839c970b652310cfe6c24902ae0b68bd65
SHA512

b19e7687d0364883b26054089f23efdae91578e202815ce2b400585e62d01d381c5a5cf58c42150b27a4a59d907741ec9c7dc57572e75e6230edc3d7ce604080
SSDEEP

1536:6nJRT4QPfZfW5XTOeY3Dve3AGX57/4Qw7bn2izeA:Gv4QPfZfW5XTOeoEzJ7AQwf2iR

Score

10^/10

mirai lzrd linux

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  594-1-0x0000000008048000-0x00000000080547a0-memory.dmp
- Size
  
  48KB
- MD5
  
  fef293931595f11be8c4279a6b888114
- SHA1
  
  cb96536f279ab24cde895bfcdbf31f0b0e0211f3
- SHA256
  
  68c75ab4644e3eb23547d5fe682893839c970b652310cfe6c24902ae0b68bd65
- SHA512
  
  b19e7687d0364883b26054089f23efdae91578e202815ce2b400585e62d01d381c5a5cf58c42150b27a4a59d907741ec9c7dc57572e75e6230edc3d7ce604080
- SSDEEP
  
  1536:6nJRT4QPfZfW5XTOeY3Dve3AGX57/4Qw7bn2izeA:Gv4QPfZfW5XTOeoEzJ7AQwf2iR
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1