mirai | 9c240e36edad591b42b8afd15173d5b8e20be97a4dc2890e40726ba930b069ba | Triage

Sharing

General

Target

zmap.mips.elf
Size

94KB
Sample

241230-bpk6rssrby
MD5

8851f74b1bf422061873a82d50b040ef
SHA1

65f83258e1058b764eddba03bd272cc53eda279e
SHA256

9c240e36edad591b42b8afd15173d5b8e20be97a4dc2890e40726ba930b069ba
SHA512

2b01e596795be06c56dac4d55dd504f5ce14cc4a6eb2d4bce26e1c511df602c13eb8284e27b9cab58a96b203e7c4c9428cba628953b75911898530ed4daec3a7
SSDEEP

1536:mF4tsbv54o+3bPhXhWxZJWNTUpuD+fyecpeo6XFLJy:mF4tsr54o+rPhkxYTUpuD+fyecIXFLM

Score

10^/10

mirai unstable defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  zmap.mips.elf
- Size
  
  94KB
- MD5
  
  8851f74b1bf422061873a82d50b040ef
- SHA1
  
  65f83258e1058b764eddba03bd272cc53eda279e
- SHA256
  
  9c240e36edad591b42b8afd15173d5b8e20be97a4dc2890e40726ba930b069ba
- SHA512
  
  2b01e596795be06c56dac4d55dd504f5ce14cc4a6eb2d4bce26e1c511df602c13eb8284e27b9cab58a96b203e7c4c9428cba628953b75911898530ed4daec3a7
- SSDEEP
  
  1536:mF4tsbv54o+3bPhXhWxZJWNTUpuD+fyecpeo6XFLJy:mF4tsr54o+rPhkxYTUpuD+fyecIXFLM
Score

7^/10

defense_evasion discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery