mirai | 70854e9550f88b301c7b665b4a312fd517c5a4f1495e052c97d2906c92c00a93 | Triage

Sharing

General

Target

701-1-0x00008000-0x00026464-memory.dmp
Size

76KB
Sample

241201-2c6j2svmbz
MD5

f864ad22ff80d2a39da18ba4aba74469
SHA1

7ae77b3678b078a6fe17dd8b0087bc8732c36c25
SHA256

70854e9550f88b301c7b665b4a312fd517c5a4f1495e052c97d2906c92c00a93
SHA512

cfe278a8c06ebd5c9c0363ecfd5a254c203e7a45c915e4814d8a8487eaa87c7f7ac97d7888fdfefa1f4e3d5810c97f7c9154ea66c4e0d57665e760783243064a
SSDEEP

1536:TJnF9sFw8gu6+wyKaw1KpIPrbvr/6Ra1styKtI8ll5BihwlTQP+8oJ:RowpuQyNSG2eRa1styK9flTQPHo

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  701-1-0x00008000-0x00026464-memory.dmp
- Size
  
  76KB
- MD5
  
  f864ad22ff80d2a39da18ba4aba74469
- SHA1
  
  7ae77b3678b078a6fe17dd8b0087bc8732c36c25
- SHA256
  
  70854e9550f88b301c7b665b4a312fd517c5a4f1495e052c97d2906c92c00a93
- SHA512
  
  cfe278a8c06ebd5c9c0363ecfd5a254c203e7a45c915e4814d8a8487eaa87c7f7ac97d7888fdfefa1f4e3d5810c97f7c9154ea66c4e0d57665e760783243064a
- SSDEEP
  
  1536:TJnF9sFw8gu6+wyKaw1KpIPrbvr/6Ra1styKtI8ll5BihwlTQP+8oJ:RowpuQyNSG2eRa1styK9flTQPHo
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery