mirai | fcaeea08e393082faa77a36274805ed7319196f0f615436f925cc822db8674a8 | Triage

Sharing

General

Target

710-1-0x00400000-0x0045af60-memory.dmp
Size

98KB
Sample

241226-z92k9a1lfn
MD5

13a69e54cc97cb86aa1c45064a49010a
SHA1

bdbeb3c7f912d2347b49cf38ae9c4ca0de966a66
SHA256

fcaeea08e393082faa77a36274805ed7319196f0f615436f925cc822db8674a8
SHA512

3f16ffe52665551e6a69f7b32e375936267cbc1a51c4dfca29e96d591aab24635985546b46deb21f55c0906b3f0e764b9f7f2ad3b5a9e3b5968cc1ef0200ab9d
SSDEEP

1536:HpaZOuT/Q30SQXa1r3J62yqPy/RWLW0edmpwjeNNYC:0ZzTJa1rZ62yqPy/ULWzjeNNl

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  710-1-0x00400000-0x0045af60-memory.dmp
- Size
  
  98KB
- MD5
  
  13a69e54cc97cb86aa1c45064a49010a
- SHA1
  
  bdbeb3c7f912d2347b49cf38ae9c4ca0de966a66
- SHA256
  
  fcaeea08e393082faa77a36274805ed7319196f0f615436f925cc822db8674a8
- SHA512
  
  3f16ffe52665551e6a69f7b32e375936267cbc1a51c4dfca29e96d591aab24635985546b46deb21f55c0906b3f0e764b9f7f2ad3b5a9e3b5968cc1ef0200ab9d
- SSDEEP
  
  1536:HpaZOuT/Q30SQXa1r3J62yqPy/RWLW0edmpwjeNNYC:0ZzTJa1rZ62yqPy/ULWzjeNNl
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery