mirai | 7a4eac771d2e330ec8c78216d384856813004cfa06100bea123a8a6daa98baba | Triage

Sharing

General

Target

15bd65121b0ae9cb94df98b5c19204cc_JaffaCakes118
Size

54KB
Sample

240505-dtalyagc77
MD5

15bd65121b0ae9cb94df98b5c19204cc
SHA1

ccf9ed409fefb8ae1c0810c8c4336956ef8775c3
SHA256

7a4eac771d2e330ec8c78216d384856813004cfa06100bea123a8a6daa98baba
SHA512

4d8ecb2ebf5561b8720bd84faf525d35bdeeb8dfd39516c657c2bc107983a76bbb1e489ba1135848334dcc923ed56d391cc651c0a22b2d8e6707d960b6839b2b
SSDEEP

1536:36Ew7hWCbZ6OzptrGP85wXylWTF+Lt+Rc:C1W4Z6OzP4NXylWp+LQK

Score

10^/10

mirai mirai linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  15bd65121b0ae9cb94df98b5c19204cc_JaffaCakes118
- Size
  
  54KB
- MD5
  
  15bd65121b0ae9cb94df98b5c19204cc
- SHA1
  
  ccf9ed409fefb8ae1c0810c8c4336956ef8775c3
- SHA256
  
  7a4eac771d2e330ec8c78216d384856813004cfa06100bea123a8a6daa98baba
- SHA512
  
  4d8ecb2ebf5561b8720bd84faf525d35bdeeb8dfd39516c657c2bc107983a76bbb1e489ba1135848334dcc923ed56d391cc651c0a22b2d8e6707d960b6839b2b
- SSDEEP
  
  1536:36Ew7hWCbZ6OzptrGP85wXylWTF+Lt+Rc:C1W4Z6OzP4NXylWp+LQK
Score

7^/10
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1