mirai | 6143ec4710fdd76d20fd5e50e266fff49849f30fec86b775770da07dceccac48 | Triage

Sharing

General

Target

75bed8725671edcfed7a957faa926c66
Size

189KB
Sample

231220-a1z9dsfga9
MD5

75bed8725671edcfed7a957faa926c66
SHA1

916c7587e42cd35b945a26ffd5c377b639b36ab4
SHA256

6143ec4710fdd76d20fd5e50e266fff49849f30fec86b775770da07dceccac48
SHA512

51a1d415c49844bbeadbcf5ae8e26422b96b7c60fd4e3ca910a6c303858bf50f59de163727035ca31ae616e68e5fca60935591a299a4a3c809844989c7bd2b22
SSDEEP

3072:Ued04COSEC1npPZcgcybsaYgYgl9+i6MCI24Q3X+5bkM/9roUro:hd0CXC1nFZc7ybsaYgYgl9R6Mj0X+5Qr

Score

10^/10

mirai

Malware Config

Extracted

Family

mirai

C2

cdn.prototype-br.xyz

Targets

- Target
  
  75bed8725671edcfed7a957faa926c66
- Size
  
  189KB
- MD5
  
  75bed8725671edcfed7a957faa926c66
- SHA1
  
  916c7587e42cd35b945a26ffd5c377b639b36ab4
- SHA256
  
  6143ec4710fdd76d20fd5e50e266fff49849f30fec86b775770da07dceccac48
- SHA512
  
  51a1d415c49844bbeadbcf5ae8e26422b96b7c60fd4e3ca910a6c303858bf50f59de163727035ca31ae616e68e5fca60935591a299a4a3c809844989c7bd2b22
- SSDEEP
  
  3072:Ued04COSEC1npPZcgcybsaYgYgl9+i6MCI24Q3X+5bkM/9roUro:hd0CXC1nFZc7ybsaYgYgl9R6Mj0X+5Qr
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1