mirai | c7c58d8a81110e54694866caddd8bd2f329423fb4c77536973a2d8d30b54b515 | Triage

Sharing

General

Target

739-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

241208-wza4rswndm
MD5

6d3d495661da3cc362e0d10d42bb8f6b
SHA1

0208e492964d3d89b391bfb6cd9b2174f38664e6
SHA256

c7c58d8a81110e54694866caddd8bd2f329423fb4c77536973a2d8d30b54b515
SHA512

96f3cbb1d7176c335392f1340135e8ee7b29d2162767e7a634df9810506f1d3a4f4cbf635b2358bb589746c9ca5dac389fea90ae445c509695d092ffdb18e71e
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESt9P:oJPEB8NWq9hqqd0l

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  739-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  6d3d495661da3cc362e0d10d42bb8f6b
- SHA1
  
  0208e492964d3d89b391bfb6cd9b2174f38664e6
- SHA256
  
  c7c58d8a81110e54694866caddd8bd2f329423fb4c77536973a2d8d30b54b515
- SHA512
  
  96f3cbb1d7176c335392f1340135e8ee7b29d2162767e7a634df9810506f1d3a4f4cbf635b2358bb589746c9ca5dac389fea90ae445c509695d092ffdb18e71e
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESt9P:oJPEB8NWq9hqqd0l
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery