mirai | dd2f9e5f3cc52ad4c602ec27ba75665a41aac69da59dcf520c204ca0439f1e0c | Triage

Sharing

General

Target

727-1-0x00400000-0x00451a58-memory.dmp
Size

69KB
Sample

250125-tln3cszngz
MD5

870864c53da29fa82d4dd4a65f5fcc5a
SHA1

5eb1d4e3178e7a632dd1beb8caa00b800e8a8bb5
SHA256

dd2f9e5f3cc52ad4c602ec27ba75665a41aac69da59dcf520c204ca0439f1e0c
SHA512

c27e135dbf666e3c5f154341df58735b928d04aea260c528abfb1da35ec0f2a2f6882eb811c0291d53948bee031e1a2203bd9fac215d042977dc578dd7734ae9
SSDEEP

768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatAD:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXzqLe

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  727-1-0x00400000-0x00451a58-memory.dmp
- Size
  
  69KB
- MD5
  
  870864c53da29fa82d4dd4a65f5fcc5a
- SHA1
  
  5eb1d4e3178e7a632dd1beb8caa00b800e8a8bb5
- SHA256
  
  dd2f9e5f3cc52ad4c602ec27ba75665a41aac69da59dcf520c204ca0439f1e0c
- SHA512
  
  c27e135dbf666e3c5f154341df58735b928d04aea260c528abfb1da35ec0f2a2f6882eb811c0291d53948bee031e1a2203bd9fac215d042977dc578dd7734ae9
- SSDEEP
  
  768:kZmnnogDILQHYLQHPVVMr4mgYVVMwKykNVVM6r+g/RtrVSYogDOsS5siv5XLatAD:BnN4ZH2SyOyuIq8LMEIUq+cvtpvXzqLe
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery