mirai | 3b9f9b5deed4a824f125b7496bdc54942eaa9d471328674c9d78fad03a274f4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

346f13763e14be54e3fca3982da52e68
Size

33KB
Sample

231219-2wdclsfagm
MD5

346f13763e14be54e3fca3982da52e68
SHA1

08cbaa549bcce075713350519ffee1501a5dac70
SHA256

3b9f9b5deed4a824f125b7496bdc54942eaa9d471328674c9d78fad03a274f4a
SHA512

e1e7b859ab656111aeaf0a728b18624ddb061fd7e36dcce2649d6fc96206364ddc67b30f580e19ea34e5977af6793b64a602f40694b80592580f043554a08148
SSDEEP

768:6U/9tIqD19nju0YPOoi+oFHfr6AjBxTO48DUgbLmS3Uf:6U/9tIqD19ju77T+/rrBp8DUgbLmn

Score

10^/10

mirai itsu botnet

Malware Config

Extracted

Family

mirai

Botnet

ITSU

Targets

- Target
  
  346f13763e14be54e3fca3982da52e68
- Size
  
  33KB
- MD5
  
  346f13763e14be54e3fca3982da52e68
- SHA1
  
  08cbaa549bcce075713350519ffee1501a5dac70
- SHA256
  
  3b9f9b5deed4a824f125b7496bdc54942eaa9d471328674c9d78fad03a274f4a
- SHA512
  
  e1e7b859ab656111aeaf0a728b18624ddb061fd7e36dcce2649d6fc96206364ddc67b30f580e19ea34e5977af6793b64a602f40694b80592580f043554a08148
- SSDEEP
  
  768:6U/9tIqD19nju0YPOoi+oFHfr6AjBxTO48DUgbLmS3Uf:6U/9tIqD19ju77T+/rrBp8DUgbLmn
Score

10^/10

mirai itsu botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraiitsubotnet