Malware Analysis Report

2024-11-13 12:58

Sample ID 240501-r71l6shd9y
Target 0c156b5b6801605bc23464ba09dfcb0d_JaffaCakes118
SHA256 4ea9063a838ceef1e66659f68df1fb99ee3e2d797dd3a9d8bb35e401c20e4f5b
Tags
mirai mirai
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

4ea9063a838ceef1e66659f68df1fb99ee3e2d797dd3a9d8bb35e401c20e4f5b

Threat Level: Known bad

The file 0c156b5b6801605bc23464ba09dfcb0d_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

mirai mirai

Mirai family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-05-01 14:50

Signatures

Mirai family

mirai

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-01 14:50

Reported

2024-05-01 14:53

Platform

debian9-armhf-20240226-en

Max time network

150s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
US 65.222.202.53:80 tcp

Files

N/A