Overview

overview

10

Static

static

10

mips

debian-9-mips

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mips

  • Size

    95KB

  • Sample

    241228-gvzh8swmcx

  • MD5

    0cfcc8b1438300100879682b60b9035b

  • SHA1

    ba09d45381539287aadb51176b0484e787e5d3d6

  • SHA256

    a1e1dca5ae87516c59f114b1ab914ac85b147781db055d795c4d016642d49c4e

  • SHA512

    bf299c27fff04f0f9d8aa890bd1323abc78d542588d2deb16c6db1baac9c1c2d94e9689948b8113cb7cd93a2a94872435a8dfacc345bcce79c7a46a4216d1114

  • SSDEEP

    1536:0Bb1bb/M3kV7DgDqnmX2OjxPqC3tXqmB0gXmxTJmc3Be4ipHQ:61bbU3kVw2ndmPN7B0gQT93YpHQ

Score
10/10
miraimiraidefense_evasiondiscoveryevasion

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      mips

    • Size

      95KB

    • MD5

      0cfcc8b1438300100879682b60b9035b

    • SHA1

      ba09d45381539287aadb51176b0484e787e5d3d6

    • SHA256

      a1e1dca5ae87516c59f114b1ab914ac85b147781db055d795c4d016642d49c4e

    • SHA512

      bf299c27fff04f0f9d8aa890bd1323abc78d542588d2deb16c6db1baac9c1c2d94e9689948b8113cb7cd93a2a94872435a8dfacc345bcce79c7a46a4216d1114

    • SSDEEP

      1536:0Bb1bb/M3kV7DgDqnmX2OjxPqC3tXqmB0gXmxTJmc3Be4ipHQ:61bbU3kVw2ndmPN7B0gQT93YpHQ

    Score
    7/10
    defense_evasiondiscoveryevasion

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

      evasion

    • Deletes itself

    • Deletes system logs

      Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.

      evasion

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

      defense_evasion

    • Deletes log files

      Deletes log files on the system.

      defense_evasion

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks