mirai | 7f5e7409c81aee6ff9e0ec8664ff50427bb785de165f94681b678484e2255514 | Triage

Sharing

General

Target

115975f6a5cef27dc71596dcf6b0f9e8_JaffaCakes118
Size

158KB
Sample

240504-dvra3seh39
MD5

115975f6a5cef27dc71596dcf6b0f9e8
SHA1

a90144258e35fec53f69e3f687323fad8adcb846
SHA256

7f5e7409c81aee6ff9e0ec8664ff50427bb785de165f94681b678484e2255514
SHA512

9b9a6841195c15154b071dadfeb27f60de1238c1a9a817c6446975bc51a74474df8dab473de37f0aaf05e18a778b749b64309fad0be8e93eb99052b803eba752
SSDEEP

3072:j92k/pc/dMBnoHTFnPeDvJi4n0a2scbJZwmZNy7Aq5RYHpa1oM/9jk86jZJ:j9X/pc/dMBnoHTFnPeNX0a2scbJZPZZN

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  115975f6a5cef27dc71596dcf6b0f9e8_JaffaCakes118
- Size
  
  158KB
- MD5
  
  115975f6a5cef27dc71596dcf6b0f9e8
- SHA1
  
  a90144258e35fec53f69e3f687323fad8adcb846
- SHA256
  
  7f5e7409c81aee6ff9e0ec8664ff50427bb785de165f94681b678484e2255514
- SHA512
  
  9b9a6841195c15154b071dadfeb27f60de1238c1a9a817c6446975bc51a74474df8dab473de37f0aaf05e18a778b749b64309fad0be8e93eb99052b803eba752
- SSDEEP
  
  3072:j92k/pc/dMBnoHTFnPeDvJi4n0a2scbJZwmZNy7Aq5RYHpa1oM/9jk86jZJ:j9X/pc/dMBnoHTFnPeNX0a2scbJZPZZN
Score

9^/10

discovery
- Contacts a large (23526) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1