mirai | 10a4c1b8a7106008acb65a31ab3d078f7b056eb30e4397f8b7a09b39855d23ea | Triage

Sharing

General

Target

uYtea.mpsl.elf
Size

75KB
Sample

250307-q3lrsa1se1
MD5

d40b08390f13aa89c14e0fedff56e41f
SHA1

7f5f215fef320e6677f9490dff7732d46f157af9
SHA256

10a4c1b8a7106008acb65a31ab3d078f7b056eb30e4397f8b7a09b39855d23ea
SHA512

e385eb0f4a06f0264bc5f0b95ffb83673834e3ffb267f947c264f2ccb5017bdee416b6e7c158ed1ef066d14f26eddc7426ab0313fc4de4948fbefb51637be7a6
SSDEEP

1536:7J5dbFB4x92nKoIia98M26ofWU+UZ9CYXzdJa10N:7J5dxBu9uKoTIUXd4u

Score

10^/10

mirai demons defense_evasion

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  uYtea.mpsl.elf
- Size
  
  75KB
- MD5
  
  d40b08390f13aa89c14e0fedff56e41f
- SHA1
  
  7f5f215fef320e6677f9490dff7732d46f157af9
- SHA256
  
  10a4c1b8a7106008acb65a31ab3d078f7b056eb30e4397f8b7a09b39855d23ea
- SHA512
  
  e385eb0f4a06f0264bc5f0b95ffb83673834e3ffb267f947c264f2ccb5017bdee416b6e7c158ed1ef066d14f26eddc7426ab0313fc4de4948fbefb51637be7a6
- SSDEEP
  
  1536:7J5dbFB4x92nKoIia98M26ofWU+UZ9CYXzdJa10N:7J5dxBu9uKoTIUXd4u
Score

7^/10

defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion