mirai | cf9337b63844dd2841379bc2ce6b9c96c44d9189e30692ada4faa68c7d5828ea | Triage

Sharing

General

Target

mips.elf
Size

110KB
Sample

250310-m47h4asvcs
MD5

e6c0a44f4816ea3d610cbacc4ba51eea
SHA1

af0d364a2d62891f95e2bba628cc2ab44e52f43e
SHA256

cf9337b63844dd2841379bc2ce6b9c96c44d9189e30692ada4faa68c7d5828ea
SHA512

698a1c6dad1d72eb3a08a91f6d450b3271b9e06198852b41ba090c004d2e69e1cb28ab1b56560bd00c2d0b8dcef1948b0fb36832898917c2bf0bb5979a47810d
SSDEEP

3072:5znu8TfSyBFataXSdQ0YCtxGCtgWmHdTwPXdT:5zu8TfSyBQ4XSdS2xGEpGiNT

Score

10^/10

mirai owari defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

OWARI

Targets

- Target
  
  mips.elf
- Size
  
  110KB
- MD5
  
  e6c0a44f4816ea3d610cbacc4ba51eea
- SHA1
  
  af0d364a2d62891f95e2bba628cc2ab44e52f43e
- SHA256
  
  cf9337b63844dd2841379bc2ce6b9c96c44d9189e30692ada4faa68c7d5828ea
- SHA512
  
  698a1c6dad1d72eb3a08a91f6d450b3271b9e06198852b41ba090c004d2e69e1cb28ab1b56560bd00c2d0b8dcef1948b0fb36832898917c2bf0bb5979a47810d
- SSDEEP
  
  3072:5znu8TfSyBFataXSdQ0YCtxGCtgWmHdTwPXdT:5zu8TfSyBQ4XSdS2xGEpGiNT
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery