mirai | c7e2cd23a3d4b9c2c68bbc78bc7400e0ba6f13b7b2331348dc6b947eaaa8cd32 | Triage

Sharing

General

Target

62913df7480181ae3ed3fcb094b85e76_JaffaCakes118
Size

139KB
Sample

240521-jrz2psdf23
MD5

62913df7480181ae3ed3fcb094b85e76
SHA1

73a496402da33d54fa999e3e8de2c13679ee9442
SHA256

c7e2cd23a3d4b9c2c68bbc78bc7400e0ba6f13b7b2331348dc6b947eaaa8cd32
SHA512

61a90b260537bc56e7050e13bf810bbe297665a26f88c9fa0d9c571ff0bed2e8db937f48cf65df1b234c35d81d89a5aa8bc5a983e9915df5c202688cfda05f70
SSDEEP

3072:wybUEGniGQYtOR7aCgk9mrsplDKZUmQBKXAVanJX+F8Jyve4hL5AJI4+3jJNx132:jbUEGniGQYtOR7aPk9mrsplDKZUmQBK9

Score

10^/10

mirai lzrd discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  62913df7480181ae3ed3fcb094b85e76_JaffaCakes118
- Size
  
  139KB
- MD5
  
  62913df7480181ae3ed3fcb094b85e76
- SHA1
  
  73a496402da33d54fa999e3e8de2c13679ee9442
- SHA256
  
  c7e2cd23a3d4b9c2c68bbc78bc7400e0ba6f13b7b2331348dc6b947eaaa8cd32
- SHA512
  
  61a90b260537bc56e7050e13bf810bbe297665a26f88c9fa0d9c571ff0bed2e8db937f48cf65df1b234c35d81d89a5aa8bc5a983e9915df5c202688cfda05f70
- SSDEEP
  
  3072:wybUEGniGQYtOR7aCgk9mrsplDKZUmQBKXAVanJX+F8Jyve4hL5AJI4+3jJNx132:jbUEGniGQYtOR7aPk9mrsplDKZUmQBK9
Score

9^/10

discovery
- Contacts a large (20587) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1