mirai | 7f409aa009dc60d55a2a7cb6d514adb8b6fd058d55586137d25a96c1139b47ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

467fe7c08f4c63d3666b6578de978e7a
Size

41KB
Sample

231219-232nsadcd8
MD5

467fe7c08f4c63d3666b6578de978e7a
SHA1

7784e10d4fba231fb8b02d70288ea9fb94778ba6
SHA256

7f409aa009dc60d55a2a7cb6d514adb8b6fd058d55586137d25a96c1139b47ea
SHA512

2ca0497d1aa2a7794377c62b647e7027592ca15e813510a2bfeb291ea67ac497ee1417db5661c5a3415786965cc5d348e91e2fbd5d48ce9f13428bbdf271617a
SSDEEP

768:W0y60E2+qzD9ZNYb50V6u1U1ppodmRLPU5uyPhS15ctGVNOqJxV74bgmN:E6p2+0D9E0fk/RLU5uypGCEJLUTN

Score

10^/10

mirai larry

Malware Config

Extracted

Family

mirai

Botnet

LARRY

C2

cnc.junoland.xyz

scan.junoland.xyz

Targets

- Target
  
  467fe7c08f4c63d3666b6578de978e7a
- Size
  
  41KB
- MD5
  
  467fe7c08f4c63d3666b6578de978e7a
- SHA1
  
  7784e10d4fba231fb8b02d70288ea9fb94778ba6
- SHA256
  
  7f409aa009dc60d55a2a7cb6d514adb8b6fd058d55586137d25a96c1139b47ea
- SHA512
  
  2ca0497d1aa2a7794377c62b647e7027592ca15e813510a2bfeb291ea67ac497ee1417db5661c5a3415786965cc5d348e91e2fbd5d48ce9f13428bbdf271617a
- SSDEEP
  
  768:W0y60E2+qzD9ZNYb50V6u1U1ppodmRLPU5uyPhS15ctGVNOqJxV74bgmN:E6p2+0D9E0fk/RLU5uypGCEJLUTN
Score

6^/10
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1