General
-
Target
5b043729ecd745af6e2cb04850ce64e6_JaffaCakes118
-
Size
60KB
-
Sample
240519-xyqnhade8s
-
MD5
5b043729ecd745af6e2cb04850ce64e6
-
SHA1
d00ae3117ad4a7bb4eccfd4c9bfa85433014685d
-
SHA256
18f187bf142035c31500e5a02920ab0ea1c70f80ed1a8e43c19f5b82a0c91cfe
-
SHA512
ec541c57532c54f4d9e55a3dc699196293f7d14f5b587464ac9330eb1ba492c79e014025ba5d2eed7bc919e5b8b16e4478bd4f216064c4d553373dbfec155ce2
-
SSDEEP
1536:Gad2JCsoeHSEBmkOnPWZSWF/98VM2IgtjoqsYw:GaEJCsozQmkOnaSWF/9aM2dNVVw
Behavioral task
behavioral1
Sample
5b043729ecd745af6e2cb04850ce64e6_JaffaCakes118
Resource
ubuntu2004-amd64-20240508-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
Target
5b043729ecd745af6e2cb04850ce64e6_JaffaCakes118
-
Score
9/10
-
Contacts a large (20555) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-