mirai | b2b20b83eff263782fb699d4f914eb214856b06d15bcb0567cdc667ac536b45c | Triage

Sharing

General

Target

709-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

240410-rddwbaad25
MD5

04989222dde85745cb786ec2a0f45a57
SHA1

9c1edb4187e4db482407b58364d4639359ce2136
SHA256

b2b20b83eff263782fb699d4f914eb214856b06d15bcb0567cdc667ac536b45c
SHA512

376ecd2809756987989045e67a301400120d83afdd5a52d16595717656a3700ffc30002257f3698f3d4da4a67a70ff3257c493180d9fca0887a33d93b9c10471
SSDEEP

1536:oJPEBmW5iNWqcGT+wnXHZ84OqdZerESt4P:oJPEB8NWq9zqqd0a

Score

10^/10

mirai lzrd

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  709-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  04989222dde85745cb786ec2a0f45a57
- SHA1
  
  9c1edb4187e4db482407b58364d4639359ce2136
- SHA256
  
  b2b20b83eff263782fb699d4f914eb214856b06d15bcb0567cdc667ac536b45c
- SHA512
  
  376ecd2809756987989045e67a301400120d83afdd5a52d16595717656a3700ffc30002257f3698f3d4da4a67a70ff3257c493180d9fca0887a33d93b9c10471
- SSDEEP
  
  1536:oJPEBmW5iNWqcGT+wnXHZ84OqdZerESt4P:oJPEB8NWq9zqqd0a
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1