mirai | 9b88ed2f7a024dc9a417fd1ede196bdb29db184074992c98c254307480447fb7 | Triage

Sharing

General

Target

arm5.elf
Size

81KB
Sample

241231-t3pefsype1
MD5

38234ceba84b2973a3ea3692bb96113e
SHA1

1a36977049a252306fff1a3ac341b0c498d24013
SHA256

9b88ed2f7a024dc9a417fd1ede196bdb29db184074992c98c254307480447fb7
SHA512

1ea245bf2d51e7a10e0d04a80a8a700be28393dc3740d4133cf2e73e3b049d05c2be13796f3bfc58455b77e0a4987b9489ea3555b3d48593e280ef8f3f918361
SSDEEP

1536:E46fJ2hDpGnPeyiSN/Ot0Z3eUNHlRzc9VzeK9dCvCxhAe:E46Q2Z2KDll9OVzblxSe

Score

10^/10

mirai mirai credential_access discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  arm5.elf
- Size
  
  81KB
- MD5
  
  38234ceba84b2973a3ea3692bb96113e
- SHA1
  
  1a36977049a252306fff1a3ac341b0c498d24013
- SHA256
  
  9b88ed2f7a024dc9a417fd1ede196bdb29db184074992c98c254307480447fb7
- SHA512
  
  1ea245bf2d51e7a10e0d04a80a8a700be28393dc3740d4133cf2e73e3b049d05c2be13796f3bfc58455b77e0a4987b9489ea3555b3d48593e280ef8f3f918361
- SSDEEP
  
  1536:E46fJ2hDpGnPeyiSN/Ot0Z3eUNHlRzc9VzeK9dCvCxhAe:E46Q2Z2KDll9OVzblxSe
Score

6^/10

credential_access discovery
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads process memory
  Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
  credential_access
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

OS Credential Dumping

Proc Filesystem

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscovery