mirai | 97fdfbb612a9dfa79f98c02bfaa3d62f6d1e71b8bfca40bc499850e4a12db65d | Triage

Sharing

General

Target

63883d432de9c8f0720bc82b51022b73_JaffaCakes118
Size

108KB
Sample

240521-q9h98sgd7v
MD5

63883d432de9c8f0720bc82b51022b73
SHA1

b76571ac84581ba28040bf5b2536331e7b83d9ed
SHA256

97fdfbb612a9dfa79f98c02bfaa3d62f6d1e71b8bfca40bc499850e4a12db65d
SHA512

ae8c199ff3efbd0327d4a13283d25e3f37bd458171e6b0d2dbc997c4b81c07d6447f840f5b353e05332ebb8002354284f369c845808fe5b40d37197ef3747892
SSDEEP

3072:zynciUhvyfdyB4ML3tN41HO6L7M/9QfFl8:OnpUkfdyB4MLtqH7HM/9QNl8

Score

10^/10

mirai orphic discovery

Malware Config

Extracted

Family

mirai

Botnet

ORPHIC

Targets

- Target
  
  63883d432de9c8f0720bc82b51022b73_JaffaCakes118
- Size
  
  108KB
- MD5
  
  63883d432de9c8f0720bc82b51022b73
- SHA1
  
  b76571ac84581ba28040bf5b2536331e7b83d9ed
- SHA256
  
  97fdfbb612a9dfa79f98c02bfaa3d62f6d1e71b8bfca40bc499850e4a12db65d
- SHA512
  
  ae8c199ff3efbd0327d4a13283d25e3f37bd458171e6b0d2dbc997c4b81c07d6447f840f5b353e05332ebb8002354284f369c845808fe5b40d37197ef3747892
- SSDEEP
  
  3072:zynciUhvyfdyB4ML3tN41HO6L7M/9QfFl8:OnpUkfdyB4MLtqH7HM/9QNl8
Score

9^/10

discovery
- Contacts a large (57575) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1