mirai | e52ff2c540f17d7f87a65816bc706cb7b73828739452e291640a823776a44d8a | Triage

Sharing

General

Target

701-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

240321-kgztmagh7z
MD5

7f5de0fb9982805f025b8d72aa669671
SHA1

3bb7f72dbfdb276a2c1a00220b988c2cb2ec3198
SHA256

e52ff2c540f17d7f87a65816bc706cb7b73828739452e291640a823776a44d8a
SHA512

a32c1cc37f4104583bce51cdcd5e7b5696bec808c863b053f5b6563fa83f65def414555396ff688465f9f0d7a98e6b65727c21555d1b251f7e5e3d887a23b584
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStOP:oJPEB8NWq9hqqd04

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  701-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  7f5de0fb9982805f025b8d72aa669671
- SHA1
  
  3bb7f72dbfdb276a2c1a00220b988c2cb2ec3198
- SHA256
  
  e52ff2c540f17d7f87a65816bc706cb7b73828739452e291640a823776a44d8a
- SHA512
  
  a32c1cc37f4104583bce51cdcd5e7b5696bec808c863b053f5b6563fa83f65def414555396ff688465f9f0d7a98e6b65727c21555d1b251f7e5e3d887a23b584
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStOP:oJPEB8NWq9hqqd04
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1