mirai | 73137f7c1dbaf535e62d26101ba70591c20e6b8bb8e9c80ef0dc92f5cfa96334 | Triage

Sharing

General

Target

18ea634aea2c1745fe988cfbb8334070_JaffaCakes118
Size

139KB
Sample

240505-xpk2nade57
MD5

18ea634aea2c1745fe988cfbb8334070
SHA1

19bc25f4767f643dc91d76f6ea5a9f53e3b59711
SHA256

73137f7c1dbaf535e62d26101ba70591c20e6b8bb8e9c80ef0dc92f5cfa96334
SHA512

ef1aa1b8a8653eddda1b04a4e3105cf11de66c1675cdf453ad57d4995c64c91de9abf5a191145d838a73f7a448e9063eb08313aff3866ee98f1553beaa083c1c
SSDEEP

3072:wybUEGniGQYtOR7aCgk9mrsplDKZUmQBKXAVanJX+F8Jyve4hL5AJI4+3jJNx13M:jbUEGniGQYtOR7aPk9mrsplDKZUmQBKD

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  18ea634aea2c1745fe988cfbb8334070_JaffaCakes118
- Size
  
  139KB
- MD5
  
  18ea634aea2c1745fe988cfbb8334070
- SHA1
  
  19bc25f4767f643dc91d76f6ea5a9f53e3b59711
- SHA256
  
  73137f7c1dbaf535e62d26101ba70591c20e6b8bb8e9c80ef0dc92f5cfa96334
- SHA512
  
  ef1aa1b8a8653eddda1b04a4e3105cf11de66c1675cdf453ad57d4995c64c91de9abf5a191145d838a73f7a448e9063eb08313aff3866ee98f1553beaa083c1c
- SSDEEP
  
  3072:wybUEGniGQYtOR7aCgk9mrsplDKZUmQBKXAVanJX+F8Jyve4hL5AJI4+3jJNx13M:jbUEGniGQYtOR7aPk9mrsplDKZUmQBKD
Score

9^/10

discovery
- Contacts a large (20487) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1