mirai | 447d17c5b43bc6e56a15a3d749ccfdb3a1ff46f297d468263a942076936065f4 | Triage

Sharing

General

Target

b9662f3a0ddb2a70d1debc0758df9bfd_JaffaCakes118
Size

54KB
Sample

240617-w4t3fayhjf
MD5

b9662f3a0ddb2a70d1debc0758df9bfd
SHA1

b63df4b55762cac28215985d4b292623ada4839d
SHA256

447d17c5b43bc6e56a15a3d749ccfdb3a1ff46f297d468263a942076936065f4
SHA512

e3308d53d1f29335efe21e587f7a54b3589ed68383f80f84f2b20e032f2380b9f5cbd40b5108b601d3cb6fe0cdd0918e8ac96bb00e03866e33a39d9d588b9c5f
SSDEEP

1536:ZIEcRCcUuCLvjoj3if+L712fyTWEPFTyhXM:KCcfCLvj0IkZgyTWeFTAc

Score

10^/10

mirai mirai discovery linux

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

- Target
  
  b9662f3a0ddb2a70d1debc0758df9bfd_JaffaCakes118
- Size
  
  54KB
- MD5
  
  b9662f3a0ddb2a70d1debc0758df9bfd
- SHA1
  
  b63df4b55762cac28215985d4b292623ada4839d
- SHA256
  
  447d17c5b43bc6e56a15a3d749ccfdb3a1ff46f297d468263a942076936065f4
- SHA512
  
  e3308d53d1f29335efe21e587f7a54b3589ed68383f80f84f2b20e032f2380b9f5cbd40b5108b601d3cb6fe0cdd0918e8ac96bb00e03866e33a39d9d588b9c5f
- SSDEEP
  
  1536:ZIEcRCcUuCLvjoj3if+L712fyTWEPFTyhXM:KCcfCLvj0IkZgyTWeFTAc
Score

9^/10

discovery
- Contacts a large (23990) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1