General

  • Target

    1563-1-0x0000000008048000-0x0000000008056c40-memory.dmp

  • Size

    53KB

  • Sample

    240327-ns7kdsed21

  • MD5

    b2b1dd3c23f277a00fdef5528493a75c

  • SHA1

    5b5dc358f490b99a9e5814c562c5e4009719f423

  • SHA256

    0be9d74b6f1aab4fb0102f0979447583aa1dec3be5a6e1e683bc97708d7e587b

  • SHA512

    aeff5564aed124e8333101cce65c70e4952f0f5322933843a8480b8dee0f03bf98ae46cb7e2766997d8bd1990d65577002d7157631d5e82a5b934aa76828a790

  • SSDEEP

    768:LfYcj17BglTIJ/sITKUEPgK+4CaS7HA691CO1zBAx3/9S2BxdlhcTqmq16US0s7o:bDgIJ/sITaoECaCzubhYqmG6R57o

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      1563-1-0x0000000008048000-0x0000000008056c40-memory.dmp

    • Size

      53KB

    Score
    7/10
    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
