General

  • Target

    mips5

  • Size

    96KB

  • Sample

    250101-rd7tdsxmbw

  • MD5

    2899d054de4f34ff07c59d0f0e50f75d

  • SHA1

    82f490c45c0cfe0cd811b734bf681c69adfb3787

  • SHA256

    db021cfa72c766fe2460181971f038cb676a87d445bdf84fb99c1da4d9878f0f

  • SHA512

    535d1434b5fd02c22be87f20ffa503861068c5938dea414a43778b30ce017c31dee97f1e5c36307b3f4df79a7bb5c18fb6c4e12531a983c317f24283867c83e0

  • SSDEEP

    1536:ckOBZa5+bCigwgOUL+iJhUlsCpJF6b7ksjar/7eINoxO0S:cBZaAbCicxrhURGb7ksj8/QO0S

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      mips5

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes system logs

      Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
