mirai | 547198bca9c35f4fe328362d4b68c2b3657be3670617cdd938e7c8b6e39e4018 | Triage

Sharing

General

Target

f85c2bbdb426c59bed3d35ce81794b53
Size

79KB
Sample

231220-v4g77saff3
MD5

f85c2bbdb426c59bed3d35ce81794b53
SHA1

03ce31668483de24869c77d74df829eba670db28
SHA256

547198bca9c35f4fe328362d4b68c2b3657be3670617cdd938e7c8b6e39e4018
SHA512

d6a8b313d587b4b30bb102923e4ee6b6c683db6f100d82199fbd39aa148e09ec8ee41ad116db486ee1e99a5d8c50f5c3105d9d8ca9c3dc4502bc7f15b21d4049
SSDEEP

1536:5f/D+ALfMbeexZUCU31MXQvqe6L6Ucn4dfM03nSVRApxCEvHK4yxRnK:R/1LfEeK21MDr6d4dfM03nUuFJ

Score

10^/10

mirai bot discovery

Malware Config

Extracted

Family

mirai

Botnet

BOT

Targets

- Target
  
  f85c2bbdb426c59bed3d35ce81794b53
- Size
  
  79KB
- MD5
  
  f85c2bbdb426c59bed3d35ce81794b53
- SHA1
  
  03ce31668483de24869c77d74df829eba670db28
- SHA256
  
  547198bca9c35f4fe328362d4b68c2b3657be3670617cdd938e7c8b6e39e4018
- SHA512
  
  d6a8b313d587b4b30bb102923e4ee6b6c683db6f100d82199fbd39aa148e09ec8ee41ad116db486ee1e99a5d8c50f5c3105d9d8ca9c3dc4502bc7f15b21d4049
- SSDEEP
  
  1536:5f/D+ALfMbeexZUCU31MXQvqe6L6Ucn4dfM03nSVRApxCEvHK4yxRnK:R/1LfEeK21MDr6d4dfM03nUuFJ
Score

9^/10

discovery
- Contacts a large (196179) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1