mirai | 21974e05dc5c6bbabea2f4ef9938ee926ea78d7b54fbe155b092fb67ae484f2c | Triage

Sharing

General

Target

21974e05dc5c6bbabea2f4ef9938ee926ea78d7b54fbe155b092fb67ae484f2c.elf
Size

138KB
Sample

240723-bwwwvazcqg
MD5

175c5fbf2d7e65cfb288456bf2ab23ef
SHA1

7da35395ecf379180ffb17dc820e9ccd29a86b26
SHA256

21974e05dc5c6bbabea2f4ef9938ee926ea78d7b54fbe155b092fb67ae484f2c
SHA512

d81fcf1abed8f996291dceffe2343ec48d6ae70743b3eee8aff0a86aa85479e1723cfeb0307f72c3ca8d2ef4c7a9c20856b35abf38ca57920ade3872abdf0179
SSDEEP

3072:rZj9PrNkau2EARuOS8P8BItVS6YrZ7ouyxVjOga5X:rZjPkau2EARuOh8NdF7ouyxVjgx

Score

10^/10

mirai botnet

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Targets

- Target
  
  21974e05dc5c6bbabea2f4ef9938ee926ea78d7b54fbe155b092fb67ae484f2c.elf
- Size
  
  138KB
- MD5
  
  175c5fbf2d7e65cfb288456bf2ab23ef
- SHA1
  
  7da35395ecf379180ffb17dc820e9ccd29a86b26
- SHA256
  
  21974e05dc5c6bbabea2f4ef9938ee926ea78d7b54fbe155b092fb67ae484f2c
- SHA512
  
  d81fcf1abed8f996291dceffe2343ec48d6ae70743b3eee8aff0a86aa85479e1723cfeb0307f72c3ca8d2ef4c7a9c20856b35abf38ca57920ade3872abdf0179
- SSDEEP
  
  3072:rZj9PrNkau2EARuOS8P8BItVS6YrZ7ouyxVjOga5X:rZjPkau2EARuOh8NdF7ouyxVjgx
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1