mirai | 604a2958ec34f0d0d2d1ecd36d836957590cde5db94cbea9b2042e5b03a41afe | Triage

Sharing

General

Target

3609cef3d495ad9b62b94a1461c95778
Size

152KB
Sample

231219-2wyzbafcgm
MD5

3609cef3d495ad9b62b94a1461c95778
SHA1

518dbedee74a7c2620477db9d2c0560ed65ca4c1
SHA256

604a2958ec34f0d0d2d1ecd36d836957590cde5db94cbea9b2042e5b03a41afe
SHA512

6e14dc7910f93a3f7f237bf0347c67818392c50e151fde489cd880d7605261fa19da3bc3e610672b60de9b839f55e746df0b27000f479fd62d4e2992c5c36004
SSDEEP

3072:vojOy5/h8zosTJFsHdcM70QFhPKcY+s8oo6zT8:voSy/8zosTE9cnQFhCLR8YzT

Score

10^/10

mirai mirai

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

185.117.75.140

Targets

- Target
  
  3609cef3d495ad9b62b94a1461c95778
- Size
  
  152KB
- MD5
  
  3609cef3d495ad9b62b94a1461c95778
- SHA1
  
  518dbedee74a7c2620477db9d2c0560ed65ca4c1
- SHA256
  
  604a2958ec34f0d0d2d1ecd36d836957590cde5db94cbea9b2042e5b03a41afe
- SHA512
  
  6e14dc7910f93a3f7f237bf0347c67818392c50e151fde489cd880d7605261fa19da3bc3e610672b60de9b839f55e746df0b27000f479fd62d4e2992c5c36004
- SSDEEP
  
  3072:vojOy5/h8zosTJFsHdcM70QFhPKcY+s8oo6zT8:voSy/8zosTE9cnQFhCLR8YzT
Score

7^/10
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1