mirai | ef8494f6a6268d297d495fed8c56d2d0c312c7d89a2ddcd89599f13b8291b8b3 | Triage

Sharing

General

Target

ef8494f6a6268d297d495fed8c56d2d0c312c7d89a2ddcd89599f13b8291b8b3.elf
Size

151KB
Sample

241214-rfdy4atrft
MD5

79d777cf0e2ce83656f7adde07449985
SHA1

55fc2d5aa97fc5b2f849e77e523b61a5df19b704
SHA256

ef8494f6a6268d297d495fed8c56d2d0c312c7d89a2ddcd89599f13b8291b8b3
SHA512

d65bb37155ac083b115caecc9610efc851ec070ffe435bf5b8c79968dbfad29a0c12f634e87857be9c67146d1df3730a57af6e6fa48d6f85438e664c6aef47fd
SSDEEP

3072:irPYUiYp28euRPd45oM4S+nfqWCXbJOvUwbZno:irG98vVd4554pniWCXNO8wRo

Score

10^/10

mirai mirai defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  ef8494f6a6268d297d495fed8c56d2d0c312c7d89a2ddcd89599f13b8291b8b3.elf
- Size
  
  151KB
- MD5
  
  79d777cf0e2ce83656f7adde07449985
- SHA1
  
  55fc2d5aa97fc5b2f849e77e523b61a5df19b704
- SHA256
  
  ef8494f6a6268d297d495fed8c56d2d0c312c7d89a2ddcd89599f13b8291b8b3
- SHA512
  
  d65bb37155ac083b115caecc9610efc851ec070ffe435bf5b8c79968dbfad29a0c12f634e87857be9c67146d1df3730a57af6e6fa48d6f85438e664c6aef47fd
- SSDEEP
  
  3072:irPYUiYp28euRPd45oM4S+nfqWCXbJOvUwbZno:irG98vVd4554pniWCXNO8wRo
Score

7^/10

defense_evasion discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery