mirai | a746b7e6f8a4383a23480b252e4c474d854b953e8af4d9190425b2ddea769e4a | Triage

Sharing

General

Target

708-1-0x00400000-0x00458c68-memory.dmp
Size

90KB
Sample

241227-jqwynatjcw
MD5

8291b46b9d7928e415e2e6c60cf47508
SHA1

e714dfe480ff3cdcc3a06c26976430b1fd061418
SHA256

a746b7e6f8a4383a23480b252e4c474d854b953e8af4d9190425b2ddea769e4a
SHA512

3f7f975548da0c6178724e723e63bc794bef789b03ac353eebe492c50d46c69ff91abe0762f46391f62a5dd21371c64280945571dba7268ca0bea4adb3d1dcc7
SSDEEP

1536:JOEwSl4gSxzNs4ztYsF4ReHtDZeQCl7GuRiUf:JOEwSmgSrueHtDQ0Uf

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  708-1-0x00400000-0x00458c68-memory.dmp
- Size
  
  90KB
- MD5
  
  8291b46b9d7928e415e2e6c60cf47508
- SHA1
  
  e714dfe480ff3cdcc3a06c26976430b1fd061418
- SHA256
  
  a746b7e6f8a4383a23480b252e4c474d854b953e8af4d9190425b2ddea769e4a
- SHA512
  
  3f7f975548da0c6178724e723e63bc794bef789b03ac353eebe492c50d46c69ff91abe0762f46391f62a5dd21371c64280945571dba7268ca0bea4adb3d1dcc7
- SSDEEP
  
  1536:JOEwSl4gSxzNs4ztYsF4ReHtDZeQCl7GuRiUf:JOEwSmgSrueHtDQ0Uf
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery