mirai | ff3f0d2d6df314a78375479278e549662cfb6d0b0a259b1715b4f77a584b6c52 | Triage

Submit
Reports

Overview

overview

Static

static

704-1-0x00...ry.dmp

debian-9-mipsel

7

Sharing

General

Target

704-1-0x00400000-0x004669b0-memory.dmp
Size

96KB
Sample

240401-1wv2zsgc7y
MD5

6ea329caf0d11bcaec59e23d2fb555c8
SHA1

2f2f59f2cca16a8918b3555996e553e24bfe7d0e
SHA256

ff3f0d2d6df314a78375479278e549662cfb6d0b0a259b1715b4f77a584b6c52
SHA512

e709518be30545b3002550f37e38d715f1deed28ff8f6190ced8fff8a3171aed6c4d741ae0e742b58c3d35db08b816bd7fb0ea4911e6f417f14f6e648f59f7ba
SSDEEP

1536:JHz/LXDKTTA00W3botHDDHj4fRQ8ceBuSTpldfncGZpQte09mw5:cvB0W3boRwXBuStldPcGOQw5

Score

10^/10

mirai mirai evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

704-1-0x00400000-0x004669b0-memory.dmp

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  704-1-0x00400000-0x004669b0-memory.dmp
- Size
  
  96KB
- MD5
  
  6ea329caf0d11bcaec59e23d2fb555c8
- SHA1
  
  2f2f59f2cca16a8918b3555996e553e24bfe7d0e
- SHA256
  
  ff3f0d2d6df314a78375479278e549662cfb6d0b0a259b1715b4f77a584b6c52
- SHA512
  
  e709518be30545b3002550f37e38d715f1deed28ff8f6190ced8fff8a3171aed6c4d741ae0e742b58c3d35db08b816bd7fb0ea4911e6f417f14f6e648f59f7ba
- SSDEEP
  
  1536:JHz/LXDKTTA00W3botHDDHj4fRQ8ceBuSTpldfncGZpQte09mw5:cvB0W3boRwXBuStldPcGOQw5
Score

7^/10

evasion
- Changes its process name
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes itself
- Deletes system logs
  Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
  evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Deletes log files
  Deletes log files on the system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Indicator Removal

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy