InfectedSlurs Botnet Spreads Mirai via Zero-Days [Friday, November 24, 2023]

InfectedSlurs Botnet Spreads Mirai via Zero-Days [Friday, November 24, 2023]
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/ATTACK-REPORT-LOGO-2.png
Report

InfectedSlurs Botnet Spreads Mirai via Zero-Days

Description :
In late October 2023, the Akamai SIRT observed an increase in activity targeting a rarely used TCP port on their honeypots, peaking at 20 attempts per day and later averaging two to three attempts daily. Subsequent investigation, until November 9, revealed a specific HTTP exploit path and targeted port, raising questions about discovered devices fitting the profile due to an odd HTTP response Server header with internet slang roots.

Published :
2023-11-24T13:17:21.518Z

Created :
2023-11-24T13:17:21.518Z

Modified :
2023-11-24T13:29:38.775Z

Tags

  • hailbot
  • mirai
  • infectedslurs
  • jenx

Indicators

Domains :
  • wu.qwewu.site
  • asdjjasdhioasdia.online
  • cooldockmantoo.men
  • pqahzam.ink
  • czbrwa.geek
  • shetoldmeshewas12.geek
  • cnc.kintaro.cc
  • rwziag.pirate
  • cbdgzy.pirate
  • ksarpo.parody
  • shetoldmeshewas12.pirate
  • opewu.homes
  • hujunxa.cc
  • skid.uno
  • shetoldmeshewas13.geek
  • shetoldmeshewas13.parody
  • iaxtpa.parody
  • fawzpp.indy
  • jiggaboojones.tech
  • shetoldmeshewas13.pirate
  • gottalovethe.indy
  • dfvzfvd.help
  • sdfsd.xyz
  • homehitter.tk
  • infectedchink.cat
  • husd8uasd9.online
  • fuckmy.site
  • fuckmy.store
  • hbakun.geek
  • chinkona.buzz
  • hxqytk.geek
  • shetoldmeshewas12.parody
  • dogeatingchink.uno
  • chinks-eat-dogs.africa
  • infectedchink.online
Hashes :
  • f8abf9fb17f59cbd7381aa9f5f2e1952628897cee368defd6baa6885d74f3ecc
  • 92aa682b3757ee656e9baea85eb346496b349b35
  • 81efb73db1a980649f05bc5fb6dd1719547fd899
  • 3f3c2e779f8e3d7f2cc81536ef72d96dd1c7b7691b6e613f5f76c3d02909edd8
  • 8e64de3ac6818b4271d3de5d8e4a5d166d13d12804da01ce1cdb7510d8922cc6
  • 75ef686859010d6164bcd6a4d6cf8a590754ccc3ea45c47ace420b02649ec380
  • 35fcc2058ae3a0af68c5ed7452e57ff286abe6ded68bf59078abd9e7b11ea90a
  • a4975366f0c5b5b52fb371ff2cb034006955b3e3ae064e5700cc5365f27a1d26
  • infected_slurs_scripts_1
  • 7cc62a1bb2db82e76183eb06e4ca84e07a78cfb71241f21212afd1e01cb308b2
  • a3b78818bbef4fd55f704c96c203765b5ab37723bc87aac6aa7ebfcc76dfa06d
  • dogeating.monster
  • cd93264637cd3bf19b706afc19944dfb88cd27969aaf0077559e56842d9a0f87
  • dabdd4b5a3a70c64c031126fad36a4c45feb69a45e1028d79da6b443291addb8
  • cfbcbb876064c2cf671bdae61544649fa13debbbe58b72cf8c630b5bfc0649f9
  • 29f11b5d4dbd6d06d4906b9035f5787e16f9e23134a2cc43dfc1165127c89bff
  • 8777f9af3564b109b43cbcf1fd1a24180f5cf424965050594ce73d754a4e1099
  • ac43c52b42b123e2530538273dfb12e3b70178aa1dee6d4fd5198c08bfeb4dc1
Attacks Pattern :
  • T1203
External References :

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.