mirai | 34537b3ae42d5d93060f42ccd019a8e976290a01b0380e6688a2dfa1515cd1a6 | Triage

Sharing

General

Target

uYtea.x86.elf
Size

54KB
Sample

250307-q6g8rs1q14
MD5

e8ee0839bb7869765d80e4280d585222
SHA1

e0aa7ad73b70d2fbd0f8f4ca2d5ca417c6e36538
SHA256

34537b3ae42d5d93060f42ccd019a8e976290a01b0380e6688a2dfa1515cd1a6
SHA512

a3570f2617a4ed149c1a8a8a396a2d0522c09551ab54ef7c7b882c71b66ac3cd9246e552b6acaceeb2585c337bee9e471af729dee5a08f9a491ab14a6c72f02b
SSDEEP

768:FmnthEsW5qnF15RY1dhPe7oXTmc6Dj5gk9vWnTI4eBH+4sToQLDLFv:Yn/EsW5qhSh6amnlWnU4GH+dNLt

Score

10^/10

mirai demons defense_evasion linux

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  uYtea.x86.elf
- Size
  
  54KB
- MD5
  
  e8ee0839bb7869765d80e4280d585222
- SHA1
  
  e0aa7ad73b70d2fbd0f8f4ca2d5ca417c6e36538
- SHA256
  
  34537b3ae42d5d93060f42ccd019a8e976290a01b0380e6688a2dfa1515cd1a6
- SHA512
  
  a3570f2617a4ed149c1a8a8a396a2d0522c09551ab54ef7c7b882c71b66ac3cd9246e552b6acaceeb2585c337bee9e471af729dee5a08f9a491ab14a6c72f02b
- SSDEEP
  
  768:FmnthEsW5qnF15RY1dhPe7oXTmc6Dj5gk9vWnTI4eBH+4sToQLDLFv:Yn/EsW5qhSh6amnlWnU4GH+dNLt
Score

7^/10

defense_evasion
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion