mirai | a41754c1f351834cafca1ec467c8c1565855f8099155c93d4bfed75e5f0fff97 | Triage

Submit
Reports

Overview

overview

Static

static

f6430e21a1...84.elf

debian-9-mips

7

Sharing

General

Target

f6430e21a13f6832f40dfd6545942d84.elf
Size

95KB
Sample

240405-qq8qsadh32
MD5

f6430e21a13f6832f40dfd6545942d84
SHA1

6685a25c0803209e451385718a194a79f2bdfd2a
SHA256

a41754c1f351834cafca1ec467c8c1565855f8099155c93d4bfed75e5f0fff97
SHA512

8bd9993ff82900bb02cd8dccf16eb18ca2f66451dfcded4458d480e87ae602f00b797eb64a223e8723846ac870416363a29282604da1206c52749b06f9451449
SSDEEP

1536:/hK1Hb/V3UyGzDDvnjXZRfqy09kqGTkQHmFTI2RqserCzTCo:U1Hbd3UyGTn9RfkMTkQcTlqSzTCo

Score

10^/10

mirai mirai evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f6430e21a13f6832f40dfd6545942d84.elf

Resource

debian9-mipsbe-20240226-en

debian-9-mips

8 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  f6430e21a13f6832f40dfd6545942d84.elf
- Size
  
  95KB
- MD5
  
  f6430e21a13f6832f40dfd6545942d84
- SHA1
  
  6685a25c0803209e451385718a194a79f2bdfd2a
- SHA256
  
  a41754c1f351834cafca1ec467c8c1565855f8099155c93d4bfed75e5f0fff97
- SHA512
  
  8bd9993ff82900bb02cd8dccf16eb18ca2f66451dfcded4458d480e87ae602f00b797eb64a223e8723846ac870416363a29282604da1206c52749b06f9451449
- SSDEEP
  
  1536:/hK1Hb/V3UyGzDDvnjXZRfqy09kqGTkQHmFTI2RqserCzTCo:U1Hbd3UyGTn9RfkMTkQcTlqSzTCo
Score

7^/10

evasion
- Changes its process name
- Deletes Audit logs
  Deletes logs related to the Linux Audit framework.
  evasion
- Deletes itself
- Deletes system logs
  Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
  evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Deletes log files
  Deletes log files on the system.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Indicator Removal

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy