Resubmissions

29-04-2022 05:03    220429-fpqtgagge9    9
29-04-2022 04:57    220429-flrxcsgge2    9
29-04-2022 04:52    220429-fhlaeaggd4    9
29-04-2022 03:41    220429-d8rtrsdbhn    10

General

  • Target

    meihao.x86

  • Size

    33KB

  • Sample

    220429-d8rtrsdbhn

  • MD5

    f722eaf9fc3198c13964dea1deb4eea1

  • SHA1

    d496ab7503a137ded37976522e6f1a969a40fc9c

  • SHA256

    19336546eb469f6f22bbf58708826714e704d851baea404db3eb09dd6c5fb8c0

  • SHA512

    b41f74ba5e9452ec5102b0bd0e9040b5c37aa411f577163f880aa20c67261a17c6d7a8718ab0875db64a50294a6c2a4d104d204f56b172057847cce9900268f3

Targets

    • Target

      meihao.x86

    Score
    10/10
    • suricata: ET MALWARE JAWS Webserver Unauthenticated Shell Command Execution

    • suricata: ET MALWARE Mirai Variant User-Agent (Outbound)

    • Contacts a large (162559) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
