mirai | 89dd9cf4c505ab6c743dde3a18fcdd6024a2ae73312ce3c1a03d7b02047da98f | Triage

Sharing

General

Target

89dd9cf4c505ab6c743dde3a18fcdd6024a2ae73312ce3c1a03d7b02047da98f.elf
Size

154KB
Sample

241214-n3jajsspbj
MD5

aa35350aff901b18f6ccd15c9ac26f47
SHA1

b02f4b093b3668257e7c45070a76ef78221764f0
SHA256

89dd9cf4c505ab6c743dde3a18fcdd6024a2ae73312ce3c1a03d7b02047da98f
SHA512

7b397b1f65f51190b170cb378b83aaf4585226a29fba0cdba586e5500af3ba9ca7565b57dc62a15791e64d591e8c18d5aecfd35649131b2b0e8cbf2c3a3b4230
SSDEEP

3072:qTlM7izW3PBmbF4tdprGND5EHmVOqiX0wbZno:qTmV/wJ4tHrGNWHmgqiEwRo

Score

10^/10

mirai mirai defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  89dd9cf4c505ab6c743dde3a18fcdd6024a2ae73312ce3c1a03d7b02047da98f.elf
- Size
  
  154KB
- MD5
  
  aa35350aff901b18f6ccd15c9ac26f47
- SHA1
  
  b02f4b093b3668257e7c45070a76ef78221764f0
- SHA256
  
  89dd9cf4c505ab6c743dde3a18fcdd6024a2ae73312ce3c1a03d7b02047da98f
- SHA512
  
  7b397b1f65f51190b170cb378b83aaf4585226a29fba0cdba586e5500af3ba9ca7565b57dc62a15791e64d591e8c18d5aecfd35649131b2b0e8cbf2c3a3b4230
- SSDEEP
  
  3072:qTlM7izW3PBmbF4tdprGND5EHmVOqiX0wbZno:qTmV/wJ4tHrGNWHmgqiEwRo
Score

7^/10

defense_evasion discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery