mirai | c54067bb5857e2074e6ac93cac0127dc77694e710909178d02a189d321e8269f | Triage

Sharing

General

Target

0x86d.arm7.elf
Size

152KB
Sample

241213-k98x1awjfj
MD5

e9fca3f9dc17c28e1bbf55fa1445370f
SHA1

f6afda93185302196ee1df3fa22f88c137833c2c
SHA256

c54067bb5857e2074e6ac93cac0127dc77694e710909178d02a189d321e8269f
SHA512

aba1ec854039107af1180f02d5d76364aaf89b48d6a79ac69ae4a46d5e7b2a985266bf1a1914dfeccfaf44f634ddd0a9b8bf56dbe1f265afd678611c01741789
SSDEEP

3072:xhXdgWEfdWD/AdLXDaD2LhDnbQl52zUcrq8Sh7uM/9BWBA:HXdg78D/6bDaD2LhDncldN8ShaM/90y

Score

10^/10

mirai unstable defense_evasion

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  0x86d.arm7.elf
- Size
  
  152KB
- MD5
  
  e9fca3f9dc17c28e1bbf55fa1445370f
- SHA1
  
  f6afda93185302196ee1df3fa22f88c137833c2c
- SHA256
  
  c54067bb5857e2074e6ac93cac0127dc77694e710909178d02a189d321e8269f
- SHA512
  
  aba1ec854039107af1180f02d5d76364aaf89b48d6a79ac69ae4a46d5e7b2a985266bf1a1914dfeccfaf44f634ddd0a9b8bf56dbe1f265afd678611c01741789
- SSDEEP
  
  3072:xhXdgWEfdWD/AdLXDaD2LhDnbQl52zUcrq8Sh7uM/9BWBA:HXdg78D/6bDaD2LhDncldN8ShaM/90y
Score

7^/10

defense_evasion
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion