mirai | 89c0e3a24875e3d539f8ef374440f8eb2e88b22a68da9f5de054e7ec096b21d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc80c6af6358d4fde71f572018f53c61_JaffaCakes118
Size

54KB
Sample

240912-srdm5s1dkh
MD5

dc80c6af6358d4fde71f572018f53c61
SHA1

1d3ac66474623e5947cde4de82297fc666ce8475
SHA256

89c0e3a24875e3d539f8ef374440f8eb2e88b22a68da9f5de054e7ec096b21d1
SHA512

a451ff0249027b8fed4d5226fe84cf146727de0deb7dd84b3114bd41894b24dfde388f76b0e7b6a179f155d472601cee311250eeca3d6d38d65cb4b81106d231
SSDEEP

1536:t7KNHU8apLmsk1AxKWHfCCSWKyDhwOW1Usgkclc:t7uURpKsk1Ax/CtyNBWOsg/m

Score

10^/10

mirai mirai defense_evasion linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  dc80c6af6358d4fde71f572018f53c61_JaffaCakes118
- Size
  
  54KB
- MD5
  
  dc80c6af6358d4fde71f572018f53c61
- SHA1
  
  1d3ac66474623e5947cde4de82297fc666ce8475
- SHA256
  
  89c0e3a24875e3d539f8ef374440f8eb2e88b22a68da9f5de054e7ec096b21d1
- SHA512
  
  a451ff0249027b8fed4d5226fe84cf146727de0deb7dd84b3114bd41894b24dfde388f76b0e7b6a179f155d472601cee311250eeca3d6d38d65cb4b81106d231
- SSDEEP
  
  1536:t7KNHU8apLmsk1AxKWHfCCSWKyDhwOW1Usgkclc:t7uURpKsk1Ax/CtyNBWOsg/m
Score

7^/10

defense_evasion
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion