mirai | 37e63a18d880964dbe1a0bf04566d8c3e4c42a629276a1b135458c1208ad33d2 | Triage

Sharing

General

Target

0a1c9efbe0548ee56c4de43a6430fc40
Size

50KB
Sample

231219-2c7r4sbca2
MD5

0a1c9efbe0548ee56c4de43a6430fc40
SHA1

ed7c1ba56069189157c89c3585099c72b7403efb
SHA256

37e63a18d880964dbe1a0bf04566d8c3e4c42a629276a1b135458c1208ad33d2
SHA512

db72b5c2c1e10f38dad7e774884ad166b77c1df352e085e490fa5371003e8e053c003545de58d455c257b397ed5bae32a016a28bb2d21025f5620c4832348ce9
SSDEEP

768:RKOrijV1ukSeyDHI7rLP8e8g2nRwnBCNKhREysQJmoI8Y2UYHuGBNrQWTzF0Wvqb:MDBMkSPDg8gAizwQJHJG6z1cEvG9

Score

10^/10

mirai mirai

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

185.117.75.140

Targets

- Target
  
  0a1c9efbe0548ee56c4de43a6430fc40
- Size
  
  50KB
- MD5
  
  0a1c9efbe0548ee56c4de43a6430fc40
- SHA1
  
  ed7c1ba56069189157c89c3585099c72b7403efb
- SHA256
  
  37e63a18d880964dbe1a0bf04566d8c3e4c42a629276a1b135458c1208ad33d2
- SHA512
  
  db72b5c2c1e10f38dad7e774884ad166b77c1df352e085e490fa5371003e8e053c003545de58d455c257b397ed5bae32a016a28bb2d21025f5620c4832348ce9
- SSDEEP
  
  768:RKOrijV1ukSeyDHI7rLP8e8g2nRwnBCNKhREysQJmoI8Y2UYHuGBNrQWTzF0Wvqb:MDBMkSPDg8gAizwQJHJG6z1cEvG9
Score

7^/10
- Changes its process name
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1