General
-
Target
mips
-
Size
104KB
-
Sample
241231-qq6w7avlfj
-
MD5
4eb5418188eb447aeb7bbcd87c9f58cf
-
SHA1
dc58321f3ef78a5a291ea7a40479378d4dfb67a7
-
SHA256
c43f68e816ac1f52cbcb87424add3311d9fb7bb5922d7a4c2692d40b1722b299
-
SHA512
1d1d3171a06f5d9d5b98b89dddbcc8e58a4fbe2ff453b0351391da131a51d972059929116c64196e07958838838998529a23e74b468ddded007381469d044845
-
SSDEEP
1536:frfxe7NbaACXuBvgB13X9ScuTmMy03Vs0Q/v94SDmeS8RBCH:zxe7haACXII7X9Sw+3u0Q/viSDEeBCH
Behavioral task
behavioral1
Sample
mips
Resource
debian9-mipsbe-20240611-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
Target
mips
-
Deletes itself
-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Modifies systemd
Adds/modifies systemd service files, likely to achieve persistence.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1