mirai | 4396e6674fcde3df230b545d4a0c7a6e4b78505523d233652891ae1e172e574f | Triage

Resubmissions

16-05-2024 08:19

240516-j7729abg5v 10

16-05-2024 05:32

240516-f79z3aed68 10

Sharing

General

Target

499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118
Size

54KB
Sample

240516-f79z3aed68
MD5

499b5cb1af9ebf0b1ccaeb3c38c8265f
SHA1

291fdc2aaa136b1834d2e83218b7cd08fd9a37b0
SHA256

4396e6674fcde3df230b545d4a0c7a6e4b78505523d233652891ae1e172e574f
SHA512

8ad86fbaa1c6f6f1eade04d10c10c78d7f83118c03ea4afe22dce3acde77bad9172d059eb0645987ac94bd163c2da45a5702ac3544cccb8374769862983297e2
SSDEEP

1536:CRJwTcp2PZCTQg7csAeoAFWL4c4owjMI:SwTo2PZCLQ9YFWUc4zg

Score

10^/10

mirai mirai linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118
- Size
  
  54KB
- MD5
  
  499b5cb1af9ebf0b1ccaeb3c38c8265f
- SHA1
  
  291fdc2aaa136b1834d2e83218b7cd08fd9a37b0
- SHA256
  
  4396e6674fcde3df230b545d4a0c7a6e4b78505523d233652891ae1e172e574f
- SHA512
  
  8ad86fbaa1c6f6f1eade04d10c10c78d7f83118c03ea4afe22dce3acde77bad9172d059eb0645987ac94bd163c2da45a5702ac3544cccb8374769862983297e2
- SSDEEP
  
  1536:CRJwTcp2PZCTQg7csAeoAFWL4c4owjMI:SwTo2PZCLQ9YFWUc4zg
Score

7^/10
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1