mirai | 864dd2c515bc94a27f0905ba64c4ef1f79774e47eab6e609ad66952f72b71296 | Triage

Sharing

General

Target

a647b496fb36d4ea7f34092cd929ec3f.elf
Size

57KB
Sample

240520-ss15tsfc77
MD5

a647b496fb36d4ea7f34092cd929ec3f
SHA1

39951142bb9bba0ff372118ec5793974ce093ae6
SHA256

864dd2c515bc94a27f0905ba64c4ef1f79774e47eab6e609ad66952f72b71296
SHA512

b1aef307a85e61187338db80c5b90f51c4f75653c5cfa2d041a3a496d6c92aef17d567b40ae5d704b795f1fe163927bb1237f1dcc27ee2916dfb460777ce46af
SSDEEP

1536:WOPeqz/9RRV/6D3NjVkkh6oQYrY1NnohDcrJAFY6mSj/:WMe6/9RRV/w3NhkkQoQYrYPncD6JEr7/

Score

10^/10

mirai linux

Malware Config

Targets

- Target
  
  a647b496fb36d4ea7f34092cd929ec3f.elf
- Size
  
  57KB
- MD5
  
  a647b496fb36d4ea7f34092cd929ec3f
- SHA1
  
  39951142bb9bba0ff372118ec5793974ce093ae6
- SHA256
  
  864dd2c515bc94a27f0905ba64c4ef1f79774e47eab6e609ad66952f72b71296
- SHA512
  
  b1aef307a85e61187338db80c5b90f51c4f75653c5cfa2d041a3a496d6c92aef17d567b40ae5d704b795f1fe163927bb1237f1dcc27ee2916dfb460777ce46af
- SSDEEP
  
  1536:WOPeqz/9RRV/6D3NjVkkh6oQYrY1NnohDcrJAFY6mSj/:WMe6/9RRV/w3NhkkQoQYrYPncD6JEr7/
Score

7^/10
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Traces itself
  Traces itself to prevent debugging attempts
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1