mirai | 63766e5f7840669cff5857f9a2785ca88e1edf2200820d894e6fff1ae7b0cef9 | Triage

Sharing

General

Target

63766e5f7840669cff5857f9a2785ca88e1edf2200820d894e6fff1ae7b0cef9.elf
Size

208KB
Sample

241214-nrwfqsslbk
MD5

f11b924fc91298f438dc964375faf556
SHA1

3e38f4877672317c01ee8add42c2fee04c8cf9e7
SHA256

63766e5f7840669cff5857f9a2785ca88e1edf2200820d894e6fff1ae7b0cef9
SHA512

d5efb015a5f3222d8263bad6f3e66aa8b0b6b4fd65f90281fc2a860bc0959cb0fc5b74f343e97cf18cbd24c281e51df662265f7c48cdc2dd84565832ff98e3cf
SSDEEP

6144:FXr6Pdmvym2kaOUv2UM6Vu3wRM52B9SWM/RNbBR:F7M4ym2kaOUv2UMhAkP/bH

Score

10^/10

mirai mirai defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

something.catchat.us

Targets

- Target
  
  63766e5f7840669cff5857f9a2785ca88e1edf2200820d894e6fff1ae7b0cef9.elf
- Size
  
  208KB
- MD5
  
  f11b924fc91298f438dc964375faf556
- SHA1
  
  3e38f4877672317c01ee8add42c2fee04c8cf9e7
- SHA256
  
  63766e5f7840669cff5857f9a2785ca88e1edf2200820d894e6fff1ae7b0cef9
- SHA512
  
  d5efb015a5f3222d8263bad6f3e66aa8b0b6b4fd65f90281fc2a860bc0959cb0fc5b74f343e97cf18cbd24c281e51df662265f7c48cdc2dd84565832ff98e3cf
- SSDEEP
  
  6144:FXr6Pdmvym2kaOUv2UM6Vu3wRM52B9SWM/RNbBR:F7M4ym2kaOUv2UMhAkP/bH
Score

7^/10

defense_evasion discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery