mirai | a113c2daf3539bbd3817bfeef1bf481be8cd88ea01b197e3c93931f7506ce230 | Triage

Sharing

General

Target

709-1-0x00400000-0x00451a58-memory.dmp
Size

69KB
Sample

241214-eytq2svqck
MD5

7e9849ca382c2f45e952f5c232d0d80d
SHA1

8010468541dadd420e7e35dc37efbce347c363e3
SHA256

a113c2daf3539bbd3817bfeef1bf481be8cd88ea01b197e3c93931f7506ce230
SHA512

4dc0593d3dd4679d30e255daa83f9db32a072e77212474c46b9d56ae5437f83264b8a8fab153699c13e6e22937ed93aedb130302fb298437bb983848a880a7f3
SSDEEP

768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatA2:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXzfLe

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  709-1-0x00400000-0x00451a58-memory.dmp
- Size
  
  69KB
- MD5
  
  7e9849ca382c2f45e952f5c232d0d80d
- SHA1
  
  8010468541dadd420e7e35dc37efbce347c363e3
- SHA256
  
  a113c2daf3539bbd3817bfeef1bf481be8cd88ea01b197e3c93931f7506ce230
- SHA512
  
  4dc0593d3dd4679d30e255daa83f9db32a072e77212474c46b9d56ae5437f83264b8a8fab153699c13e6e22937ed93aedb130302fb298437bb983848a880a7f3
- SSDEEP
  
  768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatA2:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXzfLe
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery