Overview

overview

10

Static

static

7

c958f8dc1b...kes118

debian-9-armhf

10

Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    05-04-2024 03:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c958f8dc1bc3c12ac9caa0e59e4888c1_JaffaCakes118

  • Size

    37KB

  • MD5

    c958f8dc1bc3c12ac9caa0e59e4888c1

  • SHA1

    6ba09890f69f5992711382e6e111ef8c5a73dd33

  • SHA256

    b5e133c34c73d9050dd89deb3c43e71208191245a38df79367c8b63aaca5cd0d

  • SHA512

    f10770a21a4b173523fcc44eed8d39ead7ec208af1110e93c7ac600ee1c75906b6d50a5f4fef99344cf3ff572975c6069576754a714e700046ad2bb33f01fd92

  • SSDEEP

    768:cPEYw5HRhXrTCwRBMQh/kOrI08fr5GxKWM8gCy/jFSiyn7WTPSbLzoH+r8A9q3UY:cM1/HRmspxSXr/vz0LzoH1LL

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/c958f8dc1bc3c12ac9caa0e59e4888c1_JaffaCakes118
    /tmp/c958f8dc1bc3c12ac9caa0e59e4888c1_JaffaCakes118
    1⤵
    • Reads runtime system information
    PID:655

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/655-1-0x00008000-0x0002a890-memory.dmp
    Download