mirai | d7214d02416c8fdbeba063b32085fa0529b66ec911f4ee0c970b579b667ca2aa | Triage

Sharing

General

Target

d7214d02416c8fdbeba063b32085fa0529b66ec911f4ee0c970b579b667ca2aa.elf
Size

156KB
Sample

240627-b4emjawcqf
MD5

a8c9f2729599a1bfdab2124b4ba4dce5
SHA1

85e4e9730acb96abc04e66b56807a026d6e8a31a
SHA256

d7214d02416c8fdbeba063b32085fa0529b66ec911f4ee0c970b579b667ca2aa
SHA512

d77ce3ec089d6decc9bedaf7c41f87650bf7bfaccd7a7daba9dc77832ae57db8d4e2d05d847b1cb8b6beb0285dcdbe134e6f7cf9f7e581bcc625db077745fc90
SSDEEP

3072:ShehLhvC9Uqlj66y8unnoHsvnGQ7/TBQF/s:ShehLhDO1zyoH+5/To/s

Score

10^/10

mirai mirai

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  d7214d02416c8fdbeba063b32085fa0529b66ec911f4ee0c970b579b667ca2aa.elf
- Size
  
  156KB
- MD5
  
  a8c9f2729599a1bfdab2124b4ba4dce5
- SHA1
  
  85e4e9730acb96abc04e66b56807a026d6e8a31a
- SHA256
  
  d7214d02416c8fdbeba063b32085fa0529b66ec911f4ee0c970b579b667ca2aa
- SHA512
  
  d77ce3ec089d6decc9bedaf7c41f87650bf7bfaccd7a7daba9dc77832ae57db8d4e2d05d847b1cb8b6beb0285dcdbe134e6f7cf9f7e581bcc625db077745fc90
- SSDEEP
  
  3072:ShehLhvC9Uqlj66y8unnoHsvnGQ7/TBQF/s:ShehLhDO1zyoH+5/To/s
Score

7^/10
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1