mirai | d3d2837b31d327f95672653315459d48d963ca2c3bae3998a94ea04eac363f2e | Triage

Sharing

General

Target

5c22c325bd98bb30cac0ce072fb9a90c_JaffaCakes118
Size

141KB
Sample

240519-3xeshahf66
MD5

5c22c325bd98bb30cac0ce072fb9a90c
SHA1

38ad9ba80fa773440dd3c3274fad513e43035a91
SHA256

d3d2837b31d327f95672653315459d48d963ca2c3bae3998a94ea04eac363f2e
SHA512

e50224a41cfd5b31fc7281911ea94df1f5d6d687a0b3df505235e91e491d674a2d00015dc75290dac5afa886ca939ab5c99e28cb461d435c74123f3d0ccba232
SSDEEP

3072:pO3gg6ZpK00mhTTIhdt9mrsplDKZUQQBKXAVanXX+F8JyvGPhLZ85iBMR6yoC1QW:pO3gg6ZpK00mhTTIvt9mrsplDKZUQQBb

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  5c22c325bd98bb30cac0ce072fb9a90c_JaffaCakes118
- Size
  
  141KB
- MD5
  
  5c22c325bd98bb30cac0ce072fb9a90c
- SHA1
  
  38ad9ba80fa773440dd3c3274fad513e43035a91
- SHA256
  
  d3d2837b31d327f95672653315459d48d963ca2c3bae3998a94ea04eac363f2e
- SHA512
  
  e50224a41cfd5b31fc7281911ea94df1f5d6d687a0b3df505235e91e491d674a2d00015dc75290dac5afa886ca939ab5c99e28cb461d435c74123f3d0ccba232
- SSDEEP
  
  3072:pO3gg6ZpK00mhTTIhdt9mrsplDKZUQQBKXAVanXX+F8JyvGPhLZ85iBMR6yoC1QW:pO3gg6ZpK00mhTTIvt9mrsplDKZUQQBb
Score

9^/10

discovery
- Contacts a large (20177) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1