mirai | c0faf074d89d182763168ce564434997f4e89740c43e0f6e18a7fa8f0403f0d0 | Triage

Sharing

General

Target

739-1-0x00400000-0x00451a58-memory.dmp
Size

69KB
Sample

241227-demmys1jbk
MD5

b3bb642a4376c7144e42f9171c958079
SHA1

f0d6ee4bf3779e4e1b8588c67a1c2f172984725a
SHA256

c0faf074d89d182763168ce564434997f4e89740c43e0f6e18a7fa8f0403f0d0
SHA512

c54acbe0207dd5bb039d3a3e5e86cdafa366ec7c61d4753aa47f59ac91b473dfd4757864b93f1423b998698bd2c67c2c93f476c1ec7aa1d9883fb8d9527f8fa3
SSDEEP

768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatAZ:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXz8Le

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  739-1-0x00400000-0x00451a58-memory.dmp
- Size
  
  69KB
- MD5
  
  b3bb642a4376c7144e42f9171c958079
- SHA1
  
  f0d6ee4bf3779e4e1b8588c67a1c2f172984725a
- SHA256
  
  c0faf074d89d182763168ce564434997f4e89740c43e0f6e18a7fa8f0403f0d0
- SHA512
  
  c54acbe0207dd5bb039d3a3e5e86cdafa366ec7c61d4753aa47f59ac91b473dfd4757864b93f1423b998698bd2c67c2c93f476c1ec7aa1d9883fb8d9527f8fa3
- SSDEEP
  
  768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatAZ:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXz8Le
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery