mirai | 2ef01c653432f09a92943608afd13fb7708d9700756a699f0f4820a959984ead | Triage

Sharing

General

Target

31e9277407416394f744a7b8291905ea_JaffaCakes118
Size

152KB
Sample

240511-a8s52sbg5w
MD5

31e9277407416394f744a7b8291905ea
SHA1

b15d7222dc3a87bfdd5cde52586e5529f3324ac4
SHA256

2ef01c653432f09a92943608afd13fb7708d9700756a699f0f4820a959984ead
SHA512

76141c1131dccad5796f768c379be6fa87129ec20a177accbbd65441974977a2d232d1b23b7ca1b453a61a02561bb5753e692307ce37bb53ccfea69d16c0b2a4
SSDEEP

3072:ES5T+cN5QKyKXvdM8gECKiE6/RaPNIMQwHKZB5XzGLMkm2LSM/9EYzd:ES9+cN5QKyKXvdM8gce/RaPNIMQwqZjK

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  31e9277407416394f744a7b8291905ea_JaffaCakes118
- Size
  
  152KB
- MD5
  
  31e9277407416394f744a7b8291905ea
- SHA1
  
  b15d7222dc3a87bfdd5cde52586e5529f3324ac4
- SHA256
  
  2ef01c653432f09a92943608afd13fb7708d9700756a699f0f4820a959984ead
- SHA512
  
  76141c1131dccad5796f768c379be6fa87129ec20a177accbbd65441974977a2d232d1b23b7ca1b453a61a02561bb5753e692307ce37bb53ccfea69d16c0b2a4
- SSDEEP
  
  3072:ES5T+cN5QKyKXvdM8gECKiE6/RaPNIMQwHKZB5XzGLMkm2LSM/9EYzd:ES9+cN5QKyKXvdM8gce/RaPNIMQwqZjK
Score

9^/10

discovery
- Contacts a large (23989) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1