mirai | 96896953bbda176f34cfc72f865d3417269541145320c7c7b6add6ec825c5606 | Triage

Sharing

General

Target

708-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

240327-nyb1nsbd24
MD5

6a829ebfe08edf7613fe91376b7f698e
SHA1

439311a9038b0fe01c5d38bef108f9e723cb8049
SHA256

96896953bbda176f34cfc72f865d3417269541145320c7c7b6add6ec825c5606
SHA512

cdf5626cb66c66d3a42b21634d1f82fbc7ee503c994b3c3df01f66eaaa3d0306125ec163e68615c2904ac619cea162019457ec44b7f39f5193d4232e07e3f503
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStiP:oJPEB8NWq9hqqd0c

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  708-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  6a829ebfe08edf7613fe91376b7f698e
- SHA1
  
  439311a9038b0fe01c5d38bef108f9e723cb8049
- SHA256
  
  96896953bbda176f34cfc72f865d3417269541145320c7c7b6add6ec825c5606
- SHA512
  
  cdf5626cb66c66d3a42b21634d1f82fbc7ee503c994b3c3df01f66eaaa3d0306125ec163e68615c2904ac619cea162019457ec44b7f39f5193d4232e07e3f503
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStiP:oJPEB8NWq9hqqd0c
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1