mirai | c8914ea451d41f7e75e8b03c649b7a53a4aab52cd2f517f1d93dee19ef5221b7 | Triage

Sharing

General

Target

JaffaCakes118_248db6aafaf0d1595c6fdfb2b3e79276
Size

52KB
Sample

241231-sqwsbsyngm
MD5

248db6aafaf0d1595c6fdfb2b3e79276
SHA1

d5d24bd25c4b0ccbf65b631e5db7ff4a9d56fd06
SHA256

c8914ea451d41f7e75e8b03c649b7a53a4aab52cd2f517f1d93dee19ef5221b7
SHA512

83a557b947aa3e3f6cf7cc6837f79541bbf589c991330710a97932b90af0d2257953391172abe75daf929c468705ba4829f78420702414c3eef6a5baf01d0fdf
SSDEEP

1536:O3n/AinH8TWlAfRonHZ6idq18KHEY2EVxOa3x5deG:tq5HMidqi3mU

Score

10^/10

mirai ssh discovery

Malware Config

Extracted

Family

mirai

Botnet

SSH

Targets

- Target
  
  JaffaCakes118_248db6aafaf0d1595c6fdfb2b3e79276
- Size
  
  52KB
- MD5
  
  248db6aafaf0d1595c6fdfb2b3e79276
- SHA1
  
  d5d24bd25c4b0ccbf65b631e5db7ff4a9d56fd06
- SHA256
  
  c8914ea451d41f7e75e8b03c649b7a53a4aab52cd2f517f1d93dee19ef5221b7
- SHA512
  
  83a557b947aa3e3f6cf7cc6837f79541bbf589c991330710a97932b90af0d2257953391172abe75daf929c468705ba4829f78420702414c3eef6a5baf01d0fdf
- SSDEEP
  
  1536:O3n/AinH8TWlAfRonHZ6idq18KHEY2EVxOa3x5deG:tq5HMidqi3mU
Score

9^/10

discovery
- Contacts a large (227651) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1