mirai | b41b5c24eefd09932aec03d62a96fb50a96af20253c998cb52b407121b51950e | Triage

Sharing

General

Target

pecga.mips.elf
Size

94KB
Sample

250116-w6lh3stncn
MD5

9468872fb5f3f65f81ba4856abaddf54
SHA1

2abcd7046fb463a45abe2d7387baf16ee64d704f
SHA256

b41b5c24eefd09932aec03d62a96fb50a96af20253c998cb52b407121b51950e
SHA512

ed14a34bb31f05b91a1a6a4f3470e426683963db80776e73ff589bc45336b029041b74cf05e42779f3d131e9d509a745c1e7d30ca1cad16ce752013adc2eee29
SSDEEP

1536:mF4tsbv54o+3bPhXhW1Jb3QeqfS/SO8Reo6XjLuLe:mF4tsr54o+rPhkP3QeqfS/SO8gXjLge

Score

10^/10

mirai unstable defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

- Target
  
  pecga.mips.elf
- Size
  
  94KB
- MD5
  
  9468872fb5f3f65f81ba4856abaddf54
- SHA1
  
  2abcd7046fb463a45abe2d7387baf16ee64d704f
- SHA256
  
  b41b5c24eefd09932aec03d62a96fb50a96af20253c998cb52b407121b51950e
- SHA512
  
  ed14a34bb31f05b91a1a6a4f3470e426683963db80776e73ff589bc45336b029041b74cf05e42779f3d131e9d509a745c1e7d30ca1cad16ce752013adc2eee29
- SSDEEP
  
  1536:mF4tsbv54o+3bPhXhW1Jb3QeqfS/SO8Reo6XjLuLe:mF4tsr54o+rPhkP3QeqfS/SO8gXjLge
Score

7^/10

defense_evasion discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery