mirai | 03935f2d3bade18acb3e378b36372d84057e28a5107e78424bd14f878cecd42b | Triage

Sharing

General

Target

f1b4efcf7f14e369d85f3804076ff42b_JaffaCakes118
Size

141KB
Sample

240415-xrfvqadf56
MD5

f1b4efcf7f14e369d85f3804076ff42b
SHA1

325fb929f905e4e181965d3dd01fcd1b46b820ef
SHA256

03935f2d3bade18acb3e378b36372d84057e28a5107e78424bd14f878cecd42b
SHA512

9f3bad179998d29748681e63d3ca879116f67c3db8bb23251a0b5983ed7b45ee27fcda3f0d89c6bffb1e26eafe9c181a8e814f9fa806325ea88d46379119bebd
SSDEEP

3072:ka5gM69pe0QmlTvIUdt9mrsplDKZUQQBKXAVanXX+F8JyvzPhLZ8RvBgR6yoC1MG:ka5gM69pe0QmlTvI8t9mrsplDKZUQQBp

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  f1b4efcf7f14e369d85f3804076ff42b_JaffaCakes118
- Size
  
  141KB
- MD5
  
  f1b4efcf7f14e369d85f3804076ff42b
- SHA1
  
  325fb929f905e4e181965d3dd01fcd1b46b820ef
- SHA256
  
  03935f2d3bade18acb3e378b36372d84057e28a5107e78424bd14f878cecd42b
- SHA512
  
  9f3bad179998d29748681e63d3ca879116f67c3db8bb23251a0b5983ed7b45ee27fcda3f0d89c6bffb1e26eafe9c181a8e814f9fa806325ea88d46379119bebd
- SSDEEP
  
  3072:ka5gM69pe0QmlTvIUdt9mrsplDKZUQQBKXAVanXX+F8JyvzPhLZ8RvBgR6yoC1MG:ka5gM69pe0QmlTvI8t9mrsplDKZUQQBp
Score

9^/10

discovery
- Contacts a large (20264) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1