mirai | 6ff23721d3b6c6677de0ee75d7d8c65baae779ebf87e090e1fd031f0bf02ea6e | Triage

Sharing

General

Target

mirai.x86.elf
Size

54KB
Sample

250411-xjn65axmt4
MD5

014a0d28c6684fa6486fc344c246f69c
SHA1

611a1dcfd5a6dcf5bc4d433c91dc912f19885e9d
SHA256

6ff23721d3b6c6677de0ee75d7d8c65baae779ebf87e090e1fd031f0bf02ea6e
SHA512

36a71bf3a1bae29b02da543c7a3b9c6be02149e4ee6e0bcf7267abfcb8bb46e1e89ebc5becc5b3e92c749620e6e11df2a66c0cad76b42d1b7e26874d65c7a0df
SSDEEP

1536:7Mxtjx62+Ypjj+FFDLB/Ek8jOhC8jTXjUvzIkPR0:7AxF+YpjEFHBcHOn47IEq

Score

10^/10

mirai mirai defense_evasion linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  mirai.x86.elf
- Size
  
  54KB
- MD5
  
  014a0d28c6684fa6486fc344c246f69c
- SHA1
  
  611a1dcfd5a6dcf5bc4d433c91dc912f19885e9d
- SHA256
  
  6ff23721d3b6c6677de0ee75d7d8c65baae779ebf87e090e1fd031f0bf02ea6e
- SHA512
  
  36a71bf3a1bae29b02da543c7a3b9c6be02149e4ee6e0bcf7267abfcb8bb46e1e89ebc5becc5b3e92c749620e6e11df2a66c0cad76b42d1b7e26874d65c7a0df
- SSDEEP
  
  1536:7Mxtjx62+Ypjj+FFDLB/Ek8jOhC8jTXjUvzIkPR0:7AxF+YpjEFHBcHOn47IEq
Score

7^/10

defense_evasion
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasion