mirai | 8e5a83c63b80e411953fac0c77d44bd2066c4eeffa3d3b7319dadd15fdf80c0c | Triage

Sharing

General

Target

c164c99d86e7cecd4e495d23c616c21b
Size

139KB
Sample

240311-xzm9rsbh7s
MD5

c164c99d86e7cecd4e495d23c616c21b
SHA1

82e303e6acac6c012e280a526359917a73828f53
SHA256

8e5a83c63b80e411953fac0c77d44bd2066c4eeffa3d3b7319dadd15fdf80c0c
SHA512

1ee2b285a26b7d418357eca48bbd0830358b1b563a774e90a0d550e2508ccf59c88f1a489d31732731c595102a681666e149db67bd02b5660df30ed6f9686805
SSDEEP

3072:QybUEGniGQYtOR7aCgk9mrsplDKZUmQBKXAVanJX+F8Jyve4hL5AJI4+3jJNx139:DbUEGniGQYtOR7aPk9mrsplDKZUmQBKO

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  c164c99d86e7cecd4e495d23c616c21b
- Size
  
  139KB
- MD5
  
  c164c99d86e7cecd4e495d23c616c21b
- SHA1
  
  82e303e6acac6c012e280a526359917a73828f53
- SHA256
  
  8e5a83c63b80e411953fac0c77d44bd2066c4eeffa3d3b7319dadd15fdf80c0c
- SHA512
  
  1ee2b285a26b7d418357eca48bbd0830358b1b563a774e90a0d550e2508ccf59c88f1a489d31732731c595102a681666e149db67bd02b5660df30ed6f9686805
- SSDEEP
  
  3072:QybUEGniGQYtOR7aCgk9mrsplDKZUmQBKXAVanJX+F8Jyve4hL5AJI4+3jJNx139:DbUEGniGQYtOR7aPk9mrsplDKZUmQBKO
Score

9^/10

discovery
- Contacts a large (20590) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1