mirai | 16a71312dce99e239db7f869e936c2a1fccd1482a93e25829f815ac39349fc91 | Triage

Sharing

General

Target

81d16c2027847567b930daa10f0b29ed_JaffaCakes118
Size

130KB
Sample

240801-1hdksaxckk
MD5

81d16c2027847567b930daa10f0b29ed
SHA1

a03ef2a46333e426253c23db31f60a9ebf4cd58e
SHA256

16a71312dce99e239db7f869e936c2a1fccd1482a93e25829f815ac39349fc91
SHA512

58f342311efa5671fe85088ce3ffd147dac6baf8a9c58bbf431486141d5e819185f94b63819428195227514fa671c0611662bd880442e41a09758306c3e1e293
SSDEEP

3072:MA/pAUAOZEXgQczKuCVmlJx74DiI4UG5hHDI+OyWaLIM/9+D3:MAxvAOZsgQczKj4JhI4UG5hjIyWacM/e

Score

10^/10

mirai mirai

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

r.nexusiotsolutions.net

Targets

- Target
  
  81d16c2027847567b930daa10f0b29ed_JaffaCakes118
- Size
  
  130KB
- MD5
  
  81d16c2027847567b930daa10f0b29ed
- SHA1
  
  a03ef2a46333e426253c23db31f60a9ebf4cd58e
- SHA256
  
  16a71312dce99e239db7f869e936c2a1fccd1482a93e25829f815ac39349fc91
- SHA512
  
  58f342311efa5671fe85088ce3ffd147dac6baf8a9c58bbf431486141d5e819185f94b63819428195227514fa671c0611662bd880442e41a09758306c3e1e293
- SSDEEP
  
  3072:MA/pAUAOZEXgQczKuCVmlJx74DiI4UG5hHDI+OyWaLIM/9+D3:MAxvAOZsgQczKj4JhI4UG5hjIyWacM/e
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1