mirai | 4f0a529c1623e3cc07d38973ad8db4b3f3b2b3400ab958b1d4b43f088405430b | Triage

Sharing

General

Target

744-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

241227-dg1ycs1jgk
MD5

82ae45be4457bb0e3dd1a2180e22c4e2
SHA1

f37c946643b25e685c6a52555fd59e6d8894d645
SHA256

4f0a529c1623e3cc07d38973ad8db4b3f3b2b3400ab958b1d4b43f088405430b
SHA512

9d23cf047c4bfffe5d1aff1961a59605b4ac52f5457dfec9e323520317640bff46d39d4ae455b0a96630669cd3e667583c9b5b669b7f6322fa678ca6c817abec
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStpP:oJPEB8NWq9hqqd0R

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  744-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  82ae45be4457bb0e3dd1a2180e22c4e2
- SHA1
  
  f37c946643b25e685c6a52555fd59e6d8894d645
- SHA256
  
  4f0a529c1623e3cc07d38973ad8db4b3f3b2b3400ab958b1d4b43f088405430b
- SHA512
  
  9d23cf047c4bfffe5d1aff1961a59605b4ac52f5457dfec9e323520317640bff46d39d4ae455b0a96630669cd3e667583c9b5b669b7f6322fa678ca6c817abec
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerEStpP:oJPEB8NWq9hqqd0R
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery