General

  • Target

    1544-1-0x0000000000400000-0x0000000000612cb8-memory.dmp

  • Size

    64KB

  • Sample

    240506-3vkkzagh8x

  • MD5

    798466c0bca7f4685da26a6e6ca84e9a

  • SHA1

    788fa6d54e2bfa071cfa3d12ee32c10f42685a0a

  • SHA256

    12c9b376e774627c69ab50ee9f3b31ab6bf3cf752fb3751a931ede695d3b066e

  • SHA512

    d37d268ae9044b661d05c2895e63a16fcfadeed9998487b0cee845ba3a8748b6dbd44c211dcddb408794c01baab22f79f58db12528413bee6a55c985ba350aad

  • SSDEEP

    1536:JRMw6aLO8KDLABUA8MjsILKNYIY2I9hyG7SbAW0Uwo:JRMZaLtKDLaUzastNYIc9hyG70ozo

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      1544-1-0x0000000000400000-0x0000000000612cb8-memory.dmp

    Score
    7/10
    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Matrix ATT&CK v13

Persistence

  • Hijack Execution Flow (T1574): 1

Privilege Escalation

  • Hijack Execution Flow (T1574): 1

Defense Evasion

  • Impair Defenses (T1562): 1

  • Hijack Execution Flow (T1574): 1
