mirai | e26ec53db69ea3e7e3fdcce0a174c36ec3631de89937a8f299330ae59fee357a | Triage

Sharing

General

Target

updates.mpsl
Size

94KB
Sample

241018-zfaknsxbma
MD5

e71c1a5ec391e53bde0d8e9f6d09841d
SHA1

e3bee72e4b7de2492fb0298a8e0e6447f8ab898e
SHA256

e26ec53db69ea3e7e3fdcce0a174c36ec3631de89937a8f299330ae59fee357a
SHA512

11dff47986fbd8afaa0cbe0d1af0eb38c41b6f48296c40301a8552597d07e6ba29918e2f25a24b0048036b51ede08a29e4a5c66a6993cd21b05e85b4ae206867
SSDEEP

1536:IIdgIHlIodXYtFrWbM/eNLNnStqZIzAFS4ZZ1hV6I5GPC8:IIdgIHlIo+OLNStqZPF7ZLI68

Score

10^/10

mirai unstable defense_evasion

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  updates.mpsl
- Size
  
  94KB
- MD5
  
  e71c1a5ec391e53bde0d8e9f6d09841d
- SHA1
  
  e3bee72e4b7de2492fb0298a8e0e6447f8ab898e
- SHA256
  
  e26ec53db69ea3e7e3fdcce0a174c36ec3631de89937a8f299330ae59fee357a
- SHA512
  
  11dff47986fbd8afaa0cbe0d1af0eb38c41b6f48296c40301a8552597d07e6ba29918e2f25a24b0048036b51ede08a29e4a5c66a6993cd21b05e85b4ae206867
- SSDEEP
  
  1536:IIdgIHlIodXYtFrWbM/eNLNnStqZIzAFS4ZZ1hV6I5GPC8:IIdgIHlIo+OLNStqZPF7ZLI68
Score

7^/10

defense_evasion
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion