mirai | 43b93ea9e6c56a601c43b16ee8813561e1e0642a987a44d997ff9eb5ef970583 | Triage

Sharing

General

Target

07c683324dabd645dad0a4d883d4890b
Size

37KB
Sample

231219-2b9v3sffdm
MD5

07c683324dabd645dad0a4d883d4890b
SHA1

2f4f20bec78ab8fa62345459fa553919946d1055
SHA256

43b93ea9e6c56a601c43b16ee8813561e1e0642a987a44d997ff9eb5ef970583
SHA512

9c7b465b3772a18da00c7995c7e9aaa5d841e22784f8abdc2ccc9ba87013ef115765fd104dc647536185a0f07810740025a5786d1912e9bc54e8a3bab47d7186
SSDEEP

768:qMF152grEqrLCbepuhqVPdRNemB+CoGnORuRm2PHGATPhrgvlBFaUBEclbpugs8X:P1wgrEgLCdqxj8N+OsRm2HGATprgvlz7

Score

10^/10

mirai larry discovery

Malware Config

Extracted

Family

mirai

Botnet

LARRY

C2

cnc.junoland.xyz

scan.junoland.xyz

Targets

- Target
  
  07c683324dabd645dad0a4d883d4890b
- Size
  
  37KB
- MD5
  
  07c683324dabd645dad0a4d883d4890b
- SHA1
  
  2f4f20bec78ab8fa62345459fa553919946d1055
- SHA256
  
  43b93ea9e6c56a601c43b16ee8813561e1e0642a987a44d997ff9eb5ef970583
- SHA512
  
  9c7b465b3772a18da00c7995c7e9aaa5d841e22784f8abdc2ccc9ba87013ef115765fd104dc647536185a0f07810740025a5786d1912e9bc54e8a3bab47d7186
- SSDEEP
  
  768:qMF152grEqrLCbepuhqVPdRNemB+CoGnORuRm2PHGATPhrgvlBFaUBEclbpugs8X:P1wgrEgLCdqxj8N+OsRm2HGATprgvlz7
Score

9^/10

discovery
- Contacts a large (76810) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1