mirai | d0f39b2c723665b52ab3c4724ccd4459b733cab3bf88f1a1d4b6830a687d23d4 | Triage

Sharing

General

Target

b6186a5d915b6539b14fe62da44f9efd
Size

31KB
Sample

231220-qbv65sdber
MD5

b6186a5d915b6539b14fe62da44f9efd
SHA1

cbb62c2afdbeff6faeeed5d88b8e7ddab981744e
SHA256

d0f39b2c723665b52ab3c4724ccd4459b733cab3bf88f1a1d4b6830a687d23d4
SHA512

d179faf7cf5336d68506a1d7b1619312ddf8f773ff93d01360b65b4de82ed0a8920d4e350097e24ee5f690bebc9afd882bb6e4514079c17b6d4fe3be56624ad1
SSDEEP

768:5OYuNbvbHyo/Y+jVAqoGqORuRm2P1GAXPhrYlBFaKBtmu+ks8X:xuVvbSo/YkubOsRm21GAXprYlzaMJs8

Score

10^/10

mirai larry discovery

Malware Config

Extracted

Family

mirai

Botnet

LARRY

C2

cnc.junoland.xyz

scan.junoland.xyz

Targets

- Target
  
  b6186a5d915b6539b14fe62da44f9efd
- Size
  
  31KB
- MD5
  
  b6186a5d915b6539b14fe62da44f9efd
- SHA1
  
  cbb62c2afdbeff6faeeed5d88b8e7ddab981744e
- SHA256
  
  d0f39b2c723665b52ab3c4724ccd4459b733cab3bf88f1a1d4b6830a687d23d4
- SHA512
  
  d179faf7cf5336d68506a1d7b1619312ddf8f773ff93d01360b65b4de82ed0a8920d4e350097e24ee5f690bebc9afd882bb6e4514079c17b6d4fe3be56624ad1
- SSDEEP
  
  768:5OYuNbvbHyo/Y+jVAqoGqORuRm2P1GAXPhrYlBFaKBtmu+ks8X:xuVvbSo/YkubOsRm21GAXprYlzaMJs8
Score

9^/10

discovery
- Contacts a large (53613) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1