mirai | 10fd73ed3e73f8c98cbad9e52173c8f8f1e296c961cd7961ea056e6ad1b5628f | Triage

Sharing

General

Target

702-1-0x00008000-0x00020b44-memory.dmp
Size

96KB
Sample

241123-yjllnszkbj
MD5

2d72fc151d96e405bb29c8279a90e0e3
SHA1

100c65afcd006ba7385f163e2d0a2c2ef0d38414
SHA256

10fd73ed3e73f8c98cbad9e52173c8f8f1e296c961cd7961ea056e6ad1b5628f
SHA512

58fa2c6e219069693fe2a33afb53e2af8135bfa0227c33d62032e838e2853deeef1458a411d0d819204b6d0449dd0996e2e57202cc851aa26402d3ce00e11874
SSDEEP

1536:LXnprVlvugsy3NUp22RARkBEFd4UOYpMJt3OLwB3ZlmzwqF36TiFNYIGYVWWpKQY:dVxqw9aBoDMgLOZlmzwUFN1PAQY

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  702-1-0x00008000-0x00020b44-memory.dmp
- Size
  
  96KB
- MD5
  
  2d72fc151d96e405bb29c8279a90e0e3
- SHA1
  
  100c65afcd006ba7385f163e2d0a2c2ef0d38414
- SHA256
  
  10fd73ed3e73f8c98cbad9e52173c8f8f1e296c961cd7961ea056e6ad1b5628f
- SHA512
  
  58fa2c6e219069693fe2a33afb53e2af8135bfa0227c33d62032e838e2853deeef1458a411d0d819204b6d0449dd0996e2e57202cc851aa26402d3ce00e11874
- SSDEEP
  
  1536:LXnprVlvugsy3NUp22RARkBEFd4UOYpMJt3OLwB3ZlmzwqF36TiFNYIGYVWWpKQY:dVxqw9aBoDMgLOZlmzwUFN1PAQY
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery