Overview

overview

10

Static

static

7

1ec0605508...kes118

ubuntu-20.04-amd64

10

Analysis

  • max time kernel
    0s
  • max time network
    131s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
  • submitted
    29-03-2024 09:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ec06055089732fea67930af74be2c95_JaffaCakes118

  • Size

    23KB

  • MD5

    1ec06055089732fea67930af74be2c95

  • SHA1

    367da13e501e81fd72fe4718201f39f66944f9d5

  • SHA256

    35aced3ec7331040d8bda1c7833ddc3f3f233f56fa9950179a6382485601d158

  • SHA512

    519ba6f84326eb14947122b431bf29f1651ec19a57c0c782696a80b3e331da4ba469082c40e1b41e4808d3edc8556afdf65e2ecb8153b8850e6420e9a7f074ed

  • SSDEEP

    384:MB5xGQrRp43lWzaxIemvHsbjvEaJ61IlyMUq6AHz0j+kQy+hqUKK6ZA3d6nmf1TG:a5xnC4axIDGb5AIlJrOj+kgIA3d6nDv

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 1 IoCs

Processes

  • /tmp/1ec06055089732fea67930af74be2c95_JaffaCakes118
    /tmp/1ec06055089732fea67930af74be2c95_JaffaCakes118
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    PID:1481

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1481-1-0x0000000008048000-0x0000000008054680-memory.dmp

    Download