Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    18-04-2024 07:22

General

  • Target

    f78772b48d6af4aa53c33fa765b91b53_JaffaCakes118

  • Size

    33KB

  • MD5

    f78772b48d6af4aa53c33fa765b91b53

  • SHA1

    5e3494e7af549863ba24d67f789cc50b46b92689

  • SHA256

    785e7f14e2f7c6bf019e9df236560e14e8e95686a44ecfa097e92728987206ca

  • SHA512

    5adbf25a715378ae0e954f274ebdbcf080352cb863e4f7a13c7e944d08420aef417a837246d514d44871d5039797384e05db4ad57fd26917cfd2c2134cf63e6c

  • SSDEEP

    768:0DQXRSOX71UMg/plgo2cHOIVeJF/4ReHWs3Uozw:TX8mUhBlgo2ZTNL7zw

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/f78772b48d6af4aa53c33fa765b91b53_JaffaCakes118
    /tmp/f78772b48d6af4aa53c33fa765b91b53_JaffaCakes118
    1⤵
    • Reads runtime system information
    PID:659

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/659-1-0x00008000-0x00029ec4-memory.dmp