mirai | 88a70b91517d2a56e91aa1be47acd090b91757a620cbe96d217887d75302d66a | Triage

Sharing

General

Target

88a70b91517d2a56e91aa1be47acd090b91757a620cbe96d217887d75302d66a.elf
Size

69KB
Sample

240425-b45tqadb9w
MD5

1c210e48a1aed6d2af0487665ffbf0d4
SHA1

a49152a25f4c8ec343d519d7cd2c26ae0c78d740
SHA256

88a70b91517d2a56e91aa1be47acd090b91757a620cbe96d217887d75302d66a
SHA512

67b9e2e0a9e7d30f06cfec2a571eb40c0505d19f926b3918755950ce7f87710b97d2e25163ebae69c26923c0594217fa4dae9520d46dcdd65103aa6b745a8bc1
SSDEEP

1536:gappboyw5WCqcjCQ8nihWBOReRUcqiWpvn1cZNcugIkxpesrsuB5W:gappEyqWC9ai4BO0+cqiWpv1cbEI+enn

Score

10^/10

mirai linux

Malware Config

Targets

- Target
  
  88a70b91517d2a56e91aa1be47acd090b91757a620cbe96d217887d75302d66a.elf
- Size
  
  69KB
- MD5
  
  1c210e48a1aed6d2af0487665ffbf0d4
- SHA1
  
  a49152a25f4c8ec343d519d7cd2c26ae0c78d740
- SHA256
  
  88a70b91517d2a56e91aa1be47acd090b91757a620cbe96d217887d75302d66a
- SHA512
  
  67b9e2e0a9e7d30f06cfec2a571eb40c0505d19f926b3918755950ce7f87710b97d2e25163ebae69c26923c0594217fa4dae9520d46dcdd65103aa6b745a8bc1
- SSDEEP
  
  1536:gappboyw5WCqcjCQ8nihWBOReRUcqiWpvn1cZNcugIkxpesrsuB5W:gappEyqWC9ai4BO0+cqiWpv1cbEI+enn
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Impair Defenses

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1