mirai | 7bc4c6815ff8e11c626c36ada279121a3730460f6401e86c596d2a2691f28ff4 | Triage

Sharing

General

Target

mips.elf
Size

82KB
Sample

250201-zg39dazjft
MD5

077702cd1b34d9cc36913275856254b6
SHA1

78541ca1301d286ea8832c93062afc168fc277eb
SHA256

7bc4c6815ff8e11c626c36ada279121a3730460f6401e86c596d2a2691f28ff4
SHA512

e13f78030e49e230f78adf7268633ebc7e71a42fa9f9080794b7ec9d52e9aaa3e912072031b4c2195df16eed2408733c5e221e151dade56dbb124956567e4641
SSDEEP

1536:/Q3ezg1j6CFxx7hV63lL0YOfhFj5UqLzzg/lrlAlRJPd:4Ozg1jfxxP639ufhFj51zzVrRd

Score

10^/10

mirai credential_access defense_evasion discovery

Malware Config

Targets

- Target
  
  mips.elf
- Size
  
  82KB
- MD5
  
  077702cd1b34d9cc36913275856254b6
- SHA1
  
  78541ca1301d286ea8832c93062afc168fc277eb
- SHA256
  
  7bc4c6815ff8e11c626c36ada279121a3730460f6401e86c596d2a2691f28ff4
- SHA512
  
  e13f78030e49e230f78adf7268633ebc7e71a42fa9f9080794b7ec9d52e9aaa3e912072031b4c2195df16eed2408733c5e221e151dade56dbb124956567e4641
- SSDEEP
  
  1536:/Q3ezg1j6CFxx7hV63lL0YOfhFj5UqLzzg/lrlAlRJPd:4Ozg1jfxxP639ufhFj51zzVrRd
Score

7^/10

credential_access defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Reads process memory
  Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
  credential_access
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

OS Credential Dumping

Proc Filesystem

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdefense_evasiondiscovery