mirai | c355c956dae58b039299ab4fc754a196eb3a3cb1470a1b08daea90c155de11f7 | Triage

Sharing

General

Target

23a5f4418be51da2e97c35a4ddd6757d_JaffaCakes118
Size

82KB
Sample

240508-he7qcaac34
MD5

23a5f4418be51da2e97c35a4ddd6757d
SHA1

c41e30580f9a0987ff8dbe122bbd80df4ca5e530
SHA256

c355c956dae58b039299ab4fc754a196eb3a3cb1470a1b08daea90c155de11f7
SHA512

42e56204e5057f9cf1c506fcc5db40ec13cda103d7712e1e97ea65c53c0af85a2bca16b53e0c80452e7dc27ca7ed66019aa7d3ff1147448f4480bed85a8e4ba3
SSDEEP

1536:arC3o8ZVvc+K5/UUx1VU9O0N70ioV3pMdKiVjLnJeZWouizIM:aO3vVv/K5/1cjLJwpuyx

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  23a5f4418be51da2e97c35a4ddd6757d_JaffaCakes118
- Size
  
  82KB
- MD5
  
  23a5f4418be51da2e97c35a4ddd6757d
- SHA1
  
  c41e30580f9a0987ff8dbe122bbd80df4ca5e530
- SHA256
  
  c355c956dae58b039299ab4fc754a196eb3a3cb1470a1b08daea90c155de11f7
- SHA512
  
  42e56204e5057f9cf1c506fcc5db40ec13cda103d7712e1e97ea65c53c0af85a2bca16b53e0c80452e7dc27ca7ed66019aa7d3ff1147448f4480bed85a8e4ba3
- SSDEEP
  
  1536:arC3o8ZVvc+K5/UUx1VU9O0N70ioV3pMdKiVjLnJeZWouizIM:aO3vVv/K5/1cjLJwpuyx
Score

9^/10

discovery
- Contacts a large (20687) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1