mirai | 52c827b69117d05537207028363c684590512d8a78ab223019bbea59df8de203 | Triage

Sharing

General

Target

710-1-0x00400000-0x00459af8-memory.dmp
Size

101KB
Sample

250119-wyf9dszqam
MD5

5c9d71cb01afbffbf21294d5ed80754e
SHA1

10352c99f9faf1a8537b708c0bfcefc1aa384592
SHA256

52c827b69117d05537207028363c684590512d8a78ab223019bbea59df8de203
SHA512

9dc863604a1a8eeea257a3ef6d4d9d652e5e48d2f98404dca27cb5d94f03545f00d109c898586bd6f1631f9595103a2dcd43e34cbaee7334ceb2d0506601ce44
SSDEEP

1536:gIn7oM+DituBuc9fLiTNZIaBpGLQZK7qPkR:hn7oM+DigAc9fMGLQoR

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  710-1-0x00400000-0x00459af8-memory.dmp
- Size
  
  101KB
- MD5
  
  5c9d71cb01afbffbf21294d5ed80754e
- SHA1
  
  10352c99f9faf1a8537b708c0bfcefc1aa384592
- SHA256
  
  52c827b69117d05537207028363c684590512d8a78ab223019bbea59df8de203
- SHA512
  
  9dc863604a1a8eeea257a3ef6d4d9d652e5e48d2f98404dca27cb5d94f03545f00d109c898586bd6f1631f9595103a2dcd43e34cbaee7334ceb2d0506601ce44
- SSDEEP
  
  1536:gIn7oM+DituBuc9fLiTNZIaBpGLQZK7qPkR:hn7oM+DigAc9fMGLQoR
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery