mirai | d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223 | Triage

Sharing

General

Target

d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223.elf
Size

125KB
Sample

240212-e71wqaac7x
MD5

ae45c690a46eb1670d0b249f806bbff3
SHA1

972f153e83e17d2457899cdfd36d9df13f23f247
SHA256

d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223
SHA512

84564b7af67cc30fac552bcb096445b6523facdd9062ff441e742e9c8b0dff8d7604902bdc40348705fb7c276b00278d66940ffc69470d675a65c5b51feebc13
SSDEEP

3072:tDOIuhblIGmsfJUIifn1dRFGbbJM/9OtQTKP:tDOIWbaGmsfJU7fzjGb9M/9OtUG

Score

10^/10

mirai

Malware Config

Targets

- Target
  
  d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223.elf
- Size
  
  125KB
- MD5
  
  ae45c690a46eb1670d0b249f806bbff3
- SHA1
  
  972f153e83e17d2457899cdfd36d9df13f23f247
- SHA256
  
  d5a77bc6d299a65aa4b4c636770d0719586b0815f34d4c7c30e23e0dac240223
- SHA512
  
  84564b7af67cc30fac552bcb096445b6523facdd9062ff441e742e9c8b0dff8d7604902bdc40348705fb7c276b00278d66940ffc69470d675a65c5b51feebc13
- SSDEEP
  
  3072:tDOIuhblIGmsfJUIifn1dRFGbbJM/9OtQTKP:tDOIWbaGmsfJU7fzjGb9M/9OtUG
Score

7^/10
- Changes its process name
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1