mirai | 1aaaa61f4d7b559c2e133c18ff3be618d0db1648c8182127ea974e31ba780398 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0771f8d6cdb73c741881cbc9fb07b4f6
Size

59KB
Sample

231219-2b5lcsfehn
MD5

0771f8d6cdb73c741881cbc9fb07b4f6
SHA1

cadecaae8b372d01e86f1569fda2eaea862234c8
SHA256

1aaaa61f4d7b559c2e133c18ff3be618d0db1648c8182127ea974e31ba780398
SHA512

40631e79b6d48829dc846475e7243bd63da6445e7c15aa3038c074b2831cd67106db6b1238e76e0a6c052fe33eb26d9427e95b725d0778954b77773fbbc08651
SSDEEP

1536:pScftOAXzL4fz2LQkjuffudDpNG2xad7meyD:pSYDmOjuffsz5wyD

Score

10^/10

mirai itsu botnet

Malware Config

Extracted

Family

mirai

Botnet

ITSU

Targets

- Target
  
  0771f8d6cdb73c741881cbc9fb07b4f6
- Size
  
  59KB
- MD5
  
  0771f8d6cdb73c741881cbc9fb07b4f6
- SHA1
  
  cadecaae8b372d01e86f1569fda2eaea862234c8
- SHA256
  
  1aaaa61f4d7b559c2e133c18ff3be618d0db1648c8182127ea974e31ba780398
- SHA512
  
  40631e79b6d48829dc846475e7243bd63da6445e7c15aa3038c074b2831cd67106db6b1238e76e0a6c052fe33eb26d9427e95b725d0778954b77773fbbc08651
- SSDEEP
  
  1536:pScftOAXzL4fz2LQkjuffudDpNG2xad7meyD:pSYDmOjuffsz5wyD
Score

10^/10

mirai itsu botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiitsubotnet