Rimasuta New Variant Switches to ChaCha20 Encryption Algorithm [Monday, January 15, 2024]

Description :
A new variant of the Mirai malware, known as Rimasuta, has recently resurfaced in samples captured by 360netlab in Japan, but has undergone a significant change in its encryption algorithm.

Published: 2024-01-15 10:36:45
Created: 2024-01-15 10:36:45
Modified: 2024-01-15 10:56:58

Indicators

IPv4s :
Domains :
Malwares :
  • Rimasuta
  • Mirai
Hashes :
  • 1ef03a82eea195e64a8f193fe0a50c5b78e0801f
  • 43dc4acbf65be07f00d53e6b2c65b572e4b43f30227aa42438e34d21ecc50acd
About the author
Julien B.
