mirai | 404a440d37442075abf73182bb8e824832d8376523c9afa6f287ab13b592fbb4 | Triage

Sharing

General

Target

404a440d37442075abf73182bb8e824832d8376523c9afa6f287ab13b592fbb4.elf
Size

137KB
Sample

241121-e7xt3aynfs
MD5

b7676c3e8f1dbe7249a1e0c7b79bec39
SHA1

ea2f2a2dab923a30ab7ef68b39751ebc2963316f
SHA256

404a440d37442075abf73182bb8e824832d8376523c9afa6f287ab13b592fbb4
SHA512

fa3af98c7cae7cd4e56ce23bbac8e85102e659d724646af5d8537e92ddff65fdeb331d3087c6cf44dc0706a0306ee8aebd228ea1568dd03f844cb43204aa172f
SSDEEP

3072:xBo21bO07596MDqVXCAI6XChf3YSFOqU0ObRwYDM/94vZPI:xBo21bO075i86XChfoqOuObRTDM/94v6

Score

10^/10

mirai tsunagu defense_evasion

Malware Config

Extracted

Family

mirai

Botnet

TSUNAGU

C2

aiddoscnc.aisysmddos.com

aiddoscnc2.aisysmddos.com

Targets

- Target
  
  404a440d37442075abf73182bb8e824832d8376523c9afa6f287ab13b592fbb4.elf
- Size
  
  137KB
- MD5
  
  b7676c3e8f1dbe7249a1e0c7b79bec39
- SHA1
  
  ea2f2a2dab923a30ab7ef68b39751ebc2963316f
- SHA256
  
  404a440d37442075abf73182bb8e824832d8376523c9afa6f287ab13b592fbb4
- SHA512
  
  fa3af98c7cae7cd4e56ce23bbac8e85102e659d724646af5d8537e92ddff65fdeb331d3087c6cf44dc0706a0306ee8aebd228ea1568dd03f844cb43204aa172f
- SSDEEP
  
  3072:xBo21bO07596MDqVXCAI6XChf3YSFOqU0ObRwYDM/94vZPI:xBo21bO075i86XChfoqOuObRTDM/94v6
Score

7^/10

defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion