mirai | 520ee4f7fba6358cfef4aa216cfe0294fd8b4c28b5b8c0fe6de83b3ca208249a | Triage

Sharing

General

Target

wget.sh
Size

809B
Sample

241219-12rxhs1rbr
MD5

1e8348b42b38787c7c1660f00ece290d
SHA1

e031daa5ac284dcd2fd0f34f6918b6957efdd3c3
SHA256

520ee4f7fba6358cfef4aa216cfe0294fd8b4c28b5b8c0fe6de83b3ca208249a
SHA512

634e2e20f250cd47c0df75bcc6b23b150e81585f262f2229890337aab21d6fde56b0a264892ab9a34849e01ad118b8b544a86a5fa1688b23aa10b2d433274a2e

Score

10^/10

mirai botnet botnet defense_evasion linux

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

boats.dogmuncher.xyz

89.190.156.145

Targets

- Target
  
  wget.sh
- Size
  
  809B
- MD5
  
  1e8348b42b38787c7c1660f00ece290d
- SHA1
  
  e031daa5ac284dcd2fd0f34f6918b6957efdd3c3
- SHA256
  
  520ee4f7fba6358cfef4aa216cfe0294fd8b4c28b5b8c0fe6de83b3ca208249a
- SHA512
  
  634e2e20f250cd47c0df75bcc6b23b150e81585f262f2229890337aab21d6fde56b0a264892ab9a34849e01ad118b8b544a86a5fa1688b23aa10b2d433274a2e
Score

10^/10

defense_evasion mirai botnet botnet
- Mirai
  Mirai is a prevalent Linux malware infecting exposed network devices.
  botnet mirai
- Mirai family
  mirai
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion

behavioral2

defense_evasion

behavioral3

miraibotnetbotnetdefense_evasion

behavioral4

miraibotnetbotnetdefense_evasion