mirai | 5dfa18728a623333e4f9704bde5d30215f2e674e09b0b5ae4df5d75d3cfb3df2 | Triage

Sharing

General

Target

346ac5b5a9f85dba884e74ea98bf8d67_JaffaCakes118
Size

88KB
Sample

240511-ntqy2aed91
MD5

346ac5b5a9f85dba884e74ea98bf8d67
SHA1

4426016b6fd4ff638e728991fd73cd9e5b1a1460
SHA256

5dfa18728a623333e4f9704bde5d30215f2e674e09b0b5ae4df5d75d3cfb3df2
SHA512

20f94156d3dc80aedd68055b231492ec9804972a8f7ec8eae8d01e150b7ae801e8849974eb06d505e07e08e5cf8f9695fc982616828236f8bfde861441dc4d7d
SSDEEP

1536:u2roVkgy8pHI7zn+b3zly28p0ZDIl3zA953JjgxabYeZWwkndOGylC5:u2ro4lMZJjgAbYwjOd/yK

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  346ac5b5a9f85dba884e74ea98bf8d67_JaffaCakes118
- Size
  
  88KB
- MD5
  
  346ac5b5a9f85dba884e74ea98bf8d67
- SHA1
  
  4426016b6fd4ff638e728991fd73cd9e5b1a1460
- SHA256
  
  5dfa18728a623333e4f9704bde5d30215f2e674e09b0b5ae4df5d75d3cfb3df2
- SHA512
  
  20f94156d3dc80aedd68055b231492ec9804972a8f7ec8eae8d01e150b7ae801e8849974eb06d505e07e08e5cf8f9695fc982616828236f8bfde861441dc4d7d
- SSDEEP
  
  1536:u2roVkgy8pHI7zn+b3zly28p0ZDIl3zA953JjgxabYeZWwkndOGylC5:u2ro4lMZJjgAbYwjOd/yK
Score

9^/10

discovery
- Contacts a large (44833) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1