mirai | 325649cf50bdbd5ae229cc45cd0b3799b5139107da68e96ceb2922ac7845aee4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8aaad43fe47ce4a621020668a38094c5
Size

109KB
Sample

231220-g1w1asfcap
MD5

8aaad43fe47ce4a621020668a38094c5
SHA1

ef9bcf058e1b09b311393f2a67443cdd0e821be4
SHA256

325649cf50bdbd5ae229cc45cd0b3799b5139107da68e96ceb2922ac7845aee4
SHA512

b14e029708b41112e5e93d1100f58b6bc061d6c1c3e36412cc586f92f33148a421403301e3fbf2f424c3ce2e3f53e6c3e76ea6de4d47836463b1f8c7543d1707
SSDEEP

3072:Y7YnIxcvTHN67/z48qzTzDNBb3WISM/9lXUp:GYnl7t67/z48qvzPbGrM/9lEp

Score

10^/10

mirai sefa

Malware Config

Extracted

Family

mirai

Botnet

SEFA

C2

cnc.mariokartayy.com

Targets

- Target
  
  8aaad43fe47ce4a621020668a38094c5
- Size
  
  109KB
- MD5
  
  8aaad43fe47ce4a621020668a38094c5
- SHA1
  
  ef9bcf058e1b09b311393f2a67443cdd0e821be4
- SHA256
  
  325649cf50bdbd5ae229cc45cd0b3799b5139107da68e96ceb2922ac7845aee4
- SHA512
  
  b14e029708b41112e5e93d1100f58b6bc061d6c1c3e36412cc586f92f33148a421403301e3fbf2f424c3ce2e3f53e6c3e76ea6de4d47836463b1f8c7543d1707
- SSDEEP
  
  3072:Y7YnIxcvTHN67/z48qzTzDNBb3WISM/9lXUp:GYnl7t67/z48qvzPbGrM/9lEp
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1