mirai | 1411a81285e05d0a6b7540cb1ba1438825efbb3bacc4c4e7a2d54c8564948b8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b36a564014b7d895e23e78c6c9903463_JaffaCakes118
Size

77KB
Sample

240821-pe3jysxgph
MD5

b36a564014b7d895e23e78c6c9903463
SHA1

e79d57941dd43983cc9618b577822dec2ab31de4
SHA256

1411a81285e05d0a6b7540cb1ba1438825efbb3bacc4c4e7a2d54c8564948b8e
SHA512

b547c8b61c15341b1a794df6295b61d7efa14c6b52cbff8aa7654dcc921742a9cdef631331617d0123d6b9518cfae629c0e9ba596b40a0248ffd91cf3f38d5de
SSDEEP

1536:T4psVUay6+vl/B1aIuy8Umx9ECYHXw2N7Ud1orqjc0D7:0aZy6+vdmIuy8UKu7Uduroco7

Score

10^/10

mirai mirai discovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

C2

lol.godlynet.cf

scan.godmirai.cf

Targets

- Target
  
  b36a564014b7d895e23e78c6c9903463_JaffaCakes118
- Size
  
  77KB
- MD5
  
  b36a564014b7d895e23e78c6c9903463
- SHA1
  
  e79d57941dd43983cc9618b577822dec2ab31de4
- SHA256
  
  1411a81285e05d0a6b7540cb1ba1438825efbb3bacc4c4e7a2d54c8564948b8e
- SHA512
  
  b547c8b61c15341b1a794df6295b61d7efa14c6b52cbff8aa7654dcc921742a9cdef631331617d0123d6b9518cfae629c0e9ba596b40a0248ffd91cf3f38d5de
- SSDEEP
  
  1536:T4psVUay6+vl/B1aIuy8Umx9ECYHXw2N7Ud1orqjc0D7:0aZy6+vdmIuy8UKu7Uduroco7
Score

9^/10

discovery
- Contacts a large (9435) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1