mirai | c2eacfb5b2333e6ba535c29210ee54991cdbf337acfb1b8b57dd4a0d3e2168b5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3f2667834d...kes118

ubuntu-20.04-amd64

9

Sharing

General

Target

3f2667834d3d0abbcd7f89674b89f405_JaffaCakes118
Size

64KB
Sample

240513-m3efxscc45
MD5

3f2667834d3d0abbcd7f89674b89f405
SHA1

af9d54c5c727d0e63c942b68458b3896254b06b7
SHA256

c2eacfb5b2333e6ba535c29210ee54991cdbf337acfb1b8b57dd4a0d3e2168b5
SHA512

e60c86d05d84bd6a2bb60b31d0782b2d7380d765a54c61027ab6f533e75845b588547696b764b8a907f6b74fb0989a46e2495ddc034b0de81a5da7581e62e5e3
SSDEEP

1536:IIG9170vwHbQXZ5+qXDEuXi9aBSW7V/DjObeFt6PuQ4Zr:I917iwHbQXZ5+qXA59eSWZ/XObeb6GZZ

Score

10^/10

mirai lzrd discovery linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3f2667834d3d0abbcd7f89674b89f405_JaffaCakes118

Resource

ubuntu2004-amd64-20240508-en

ubuntu-20.04-amd64

7 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  3f2667834d3d0abbcd7f89674b89f405_JaffaCakes118
- Size
  
  64KB
- MD5
  
  3f2667834d3d0abbcd7f89674b89f405
- SHA1
  
  af9d54c5c727d0e63c942b68458b3896254b06b7
- SHA256
  
  c2eacfb5b2333e6ba535c29210ee54991cdbf337acfb1b8b57dd4a0d3e2168b5
- SHA512
  
  e60c86d05d84bd6a2bb60b31d0782b2d7380d765a54c61027ab6f533e75845b588547696b764b8a907f6b74fb0989a46e2495ddc034b0de81a5da7581e62e5e3
- SSDEEP
  
  1536:IIG9170vwHbQXZ5+qXDEuXi9aBSW7V/DjObeFt6PuQ4Zr:I917iwHbQXZ5+qXA59eSWZ/XObeb6GZZ
Score

9^/10

discovery
- Contacts a large (20618) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.