General
-
Target
f3daa8bd2ecba6ddbde6614d407b8c25_JaffaCakes118
-
Size
97KB
-
Sample
240416-ttb3rsgc2w
-
MD5
f3daa8bd2ecba6ddbde6614d407b8c25
-
SHA1
fd0aee1cf4428c3b35625116ac79babd4baf4ed7
-
SHA256
8077bb4ec400dca540d14eff742b3da14d709b0b9f49dc2968ee527a87c383d1
-
SHA512
0230ef365790cbc00cd8bb8bb3c5d41bc55d9b3e539ea1e65e0883b7379bee54f4132f425dfcfb4a7f5d087a00b77236cd77294011ceaadb963906115393d8aa
-
SSDEEP
3072:XDIkiGgcsQoeJP0r01ed6WP0qNuCd4aRP9:iU2Rd6WP0qNuCuMP9
Behavioral task
behavioral1
Sample
f3daa8bd2ecba6ddbde6614d407b8c25_JaffaCakes118
Resource
debian9-mipsbe-20240226-en
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
f3daa8bd2ecba6ddbde6614d407b8c25_JaffaCakes118
-
Score
9/10
-
Contacts a large (20669) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-