mirai | a9a4e55bc58130e81ed060b2c940a628a4b5f08f0764cf6bb94893e8d9fbb8b3 | Triage

Sharing

General

Target

8e4cac3151956a7cc90ce294b9cf4249
Size

74KB
Sample

231220-hx7hascbd9
MD5

8e4cac3151956a7cc90ce294b9cf4249
SHA1

2782ebcddb2882017588b8902e1ee16090c6aba7
SHA256

a9a4e55bc58130e81ed060b2c940a628a4b5f08f0764cf6bb94893e8d9fbb8b3
SHA512

c65a4909f929734cea846f11ecfff3a8a798b024e8c33079b1a19c4d9d5272cfe446a17bb5f64fd7254e88e5105f063e84fc8a170f4cbd735903500c65d06717
SSDEEP

1536:PCJ20olmeJuYqR2jQGATIJff0p9Ch7eIIemJ:70olmSqTIJff0XChkemJ

Score

10^/10

mirai control discovery

Malware Config

Extracted

Family

mirai

Botnet

CONTROL

Targets

- Target
  
  8e4cac3151956a7cc90ce294b9cf4249
- Size
  
  74KB
- MD5
  
  8e4cac3151956a7cc90ce294b9cf4249
- SHA1
  
  2782ebcddb2882017588b8902e1ee16090c6aba7
- SHA256
  
  a9a4e55bc58130e81ed060b2c940a628a4b5f08f0764cf6bb94893e8d9fbb8b3
- SHA512
  
  c65a4909f929734cea846f11ecfff3a8a798b024e8c33079b1a19c4d9d5272cfe446a17bb5f64fd7254e88e5105f063e84fc8a170f4cbd735903500c65d06717
- SSDEEP
  
  1536:PCJ20olmeJuYqR2jQGATIJff0p9Ch7eIIemJ:70olmSqTIJff0XChkemJ
Score

9^/10

discovery
- Contacts a large (38129) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Write file to user bin folder
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1