mirai | 8e2539245e38d59c7c4cfefab9a8e32c4c36e1017b94a173c956202076514a8f | Triage

Submit
Reports

Overview

overview

Static

static

7

41b8e5bf80...0a.elf

debian-9-mips

Sharing

General

Target

9891e3427da372b839289a20d81bb318.bin
Size

31KB
Sample

240224-c9y4ssfa29
MD5

37db9f7b1ba9212425231d7b30abada2
SHA1

660b44f42e90f1d09d6b913d1d02a500936cb05c
SHA256

8e2539245e38d59c7c4cfefab9a8e32c4c36e1017b94a173c956202076514a8f
SHA512

2da7d3361aa92721c45abb145ce51ba85362638b1795e1f5e5f3f69472887381c86d62a83a1b325c7b61f9006d1b0b73aa40d634c02bb357dfae2c60f8a4f21e
SSDEEP

768:jvxRUvtx63pNHFl2OYO1mEigCcYgnr6/ntVRwme:ju25Fl2O56gCBg2ame

Score

10^/10

mirai mirai botnet evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

41b8e5bf80bbef7fdda33e8973c43cc6dbb529a9fd3d8dffb6ede46f8be8a60a.elf

Resource

debian9-mipsbe-20240221-en

mirai mirai botnet evasion

debian-9-mips

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  41b8e5bf80bbef7fdda33e8973c43cc6dbb529a9fd3d8dffb6ede46f8be8a60a.elf
- Size
  
  32KB
- MD5
  
  9891e3427da372b839289a20d81bb318
- SHA1
  
  859a282fb61302b2335bc4f46ec17fa89066e28c
- SHA256
  
  41b8e5bf80bbef7fdda33e8973c43cc6dbb529a9fd3d8dffb6ede46f8be8a60a
- SHA512
  
  f46be0a3eb5dd4a03e6ee7d952b730f8c946b2b66598d74c6c10dbf26e7988ce39c70795ef574ad68ff62e62b07c0238b94c47145a17009fd0e3088891bcfb55
- SSDEEP
  
  768:1CMOseTJUbXEXC28HVW1154YDRZmKqUiJgGlzDpbuR1JH:I6MC24E1g2mKqUmVJup
Score

10^/10

mirai mirai botnet evasion
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Changes its process name
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes itself
- Deletes system logs
  Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
  evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Deletes log files
  Deletes log files on the system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Indicator Removal

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

miraimiraibotnetevasion

© 2018-2024

Terms | Privacy