mirai | 631a0f7fe5daa96dbfd7bcbdd13d7b2e0137e40187608a081606b6cae2cf3952 | Triage

Sharing

General

Target

4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
Size

54KB
Sample

240516-pql2cacf4x
MD5

4b15c1db86ac2a8d552b898cbeb6a2ca
SHA1

15615517298f471f95fc4f36759ef9df362aae5b
SHA256

631a0f7fe5daa96dbfd7bcbdd13d7b2e0137e40187608a081606b6cae2cf3952
SHA512

e31a518afd063f725ded65d8bbefc6dd3a183919ad8a9892a819aea27a89e433c90e1c5a1ae958e33f997fcc0303a9eaa8a01fc46cb6a8125aa0e2ab1c1cee5c
SSDEEP

768:R3HT2eWvuWYb3kfSzDrbrivF8NOpQ+EU/HYXH7WYdTZrtOfxcX6y:RDBWYb3uSzDPrivF8QbFg7WCTZrt+xc

Score

10^/10

mirai mirai linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
- Size
  
  54KB
- MD5
  
  4b15c1db86ac2a8d552b898cbeb6a2ca
- SHA1
  
  15615517298f471f95fc4f36759ef9df362aae5b
- SHA256
  
  631a0f7fe5daa96dbfd7bcbdd13d7b2e0137e40187608a081606b6cae2cf3952
- SHA512
  
  e31a518afd063f725ded65d8bbefc6dd3a183919ad8a9892a819aea27a89e433c90e1c5a1ae958e33f997fcc0303a9eaa8a01fc46cb6a8125aa0e2ab1c1cee5c
- SSDEEP
  
  768:R3HT2eWvuWYb3kfSzDrbrivF8NOpQ+EU/HYXH7WYdTZrtOfxcX6y:RDBWYb3uSzDPrivF8QbFg7WCTZrt+xc
Score

7^/10
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1