mirai | 14860e8b4b5ab9ffad3c4a7f89f554cf1a770fb2aa294fa13278af939efe2729 | Triage

Sharing

General

Target

699-1-0x00400000-0x00451a58-memory.dmp
Size

69KB
Sample

241201-2f14qsvnhx
MD5

70be3d89e1c20bc92c05545b13c1fc13
SHA1

2c664dd179965bcb76716792da82d02b4c8c75ea
SHA256

14860e8b4b5ab9ffad3c4a7f89f554cf1a770fb2aa294fa13278af939efe2729
SHA512

6c2ed16ba8e24a63ec27f032017cf908fd83351aa393b61d5efb31fafcb992f9b4043eed0dfdd54487191482f90be4c5a5a23702625b2f08b2dd10696baa918e
SSDEEP

768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatAK:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXzbLe

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  699-1-0x00400000-0x00451a58-memory.dmp
- Size
  
  69KB
- MD5
  
  70be3d89e1c20bc92c05545b13c1fc13
- SHA1
  
  2c664dd179965bcb76716792da82d02b4c8c75ea
- SHA256
  
  14860e8b4b5ab9ffad3c4a7f89f554cf1a770fb2aa294fa13278af939efe2729
- SHA512
  
  6c2ed16ba8e24a63ec27f032017cf908fd83351aa393b61d5efb31fafcb992f9b4043eed0dfdd54487191482f90be4c5a5a23702625b2f08b2dd10696baa918e
- SSDEEP
  
  768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatAK:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXzbLe
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery