mirai | 3c77fd70d6efc232db2ed2c0411b09454da2bce8b7e55184dd40b8922f152252 | Triage

Sharing

General

Target

arm.elf
Size

85KB
Sample

241231-w2ppyasqa1
MD5

6d540ee3573bee4f63cbffac9466d013
SHA1

99e2dcde9a1fc6300130829d59876e7f9c056e55
SHA256

3c77fd70d6efc232db2ed2c0411b09454da2bce8b7e55184dd40b8922f152252
SHA512

23e3dfee97c4c0ae49ca81e4821c784f75cb7e12a84bda4169fa8497fc59b2317d7ce26ff77c2be2b22824876d9fa5678d59763c2b7e57edec2bf2347e460453
SSDEEP

1536:Wk+F7bZlExN6t0J/haQlMov8tD6msq3wJUs9G1FevmvJe:Wk+H6lZUtDr13wJLNEJe

Score

10^/10

mirai mirai credential_access discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  arm.elf
- Size
  
  85KB
- MD5
  
  6d540ee3573bee4f63cbffac9466d013
- SHA1
  
  99e2dcde9a1fc6300130829d59876e7f9c056e55
- SHA256
  
  3c77fd70d6efc232db2ed2c0411b09454da2bce8b7e55184dd40b8922f152252
- SHA512
  
  23e3dfee97c4c0ae49ca81e4821c784f75cb7e12a84bda4169fa8497fc59b2317d7ce26ff77c2be2b22824876d9fa5678d59763c2b7e57edec2bf2347e460453
- SSDEEP
  
  1536:Wk+F7bZlExN6t0J/haQlMov8tD6msq3wJUs9G1FevmvJe:Wk+H6lZUtDr13wJLNEJe
Score

5^/10

credential_access discovery
- Reads process memory
  Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
  credential_access
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

OS Credential Dumping

Proc Filesystem

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscovery