mirai | c8fff67f5f6e5877ad30870f3d2c66ef65121bf641583947e2558b8fbe57eaaa | Triage

Sharing

General

Target

708-1-0x00400000-0x00452a58-memory.dmp
Size

73KB
Sample

250109-za8waazpd1
MD5

fc33bcc17465530c916323b0ac048dcb
SHA1

e55928e2219136b88e15189b5183e7ad2cba8636
SHA256

c8fff67f5f6e5877ad30870f3d2c66ef65121bf641583947e2558b8fbe57eaaa
SHA512

40b7158d223dda1af3559c043ecc9fae0d5942a16382c1ab2048893917bcae7c02af2ada1fd9911fbbcd93d28ed4ccf3a7a1329e7ac0dd6f16295686e5b1100f
SSDEEP

1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESt4P:oJPEB8NWq9hqqd0a

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  708-1-0x00400000-0x00452a58-memory.dmp
- Size
  
  73KB
- MD5
  
  fc33bcc17465530c916323b0ac048dcb
- SHA1
  
  e55928e2219136b88e15189b5183e7ad2cba8636
- SHA256
  
  c8fff67f5f6e5877ad30870f3d2c66ef65121bf641583947e2558b8fbe57eaaa
- SHA512
  
  40b7158d223dda1af3559c043ecc9fae0d5942a16382c1ab2048893917bcae7c02af2ada1fd9911fbbcd93d28ed4ccf3a7a1329e7ac0dd6f16295686e5b1100f
- SSDEEP
  
  1536:oJPEBmW5iNWqcGTkwnXHZ84OqdZerESt4P:oJPEB8NWq9hqqd0a
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery