General
-
Target
08b2cf465ff05923f0c48c4ede32ceed_JaffaCakes118
-
Size
54KB
-
Sample
240728-etxl5sxelj
-
MD5
08b2cf465ff05923f0c48c4ede32ceed
-
SHA1
ba859709549404f6bac3c7b5d4c09bbb4fa6544a
-
SHA256
a7137431daac2b9ee282250322c98c6d1ad30c94d3f407e9975dadf4d9c17f0e
-
SHA512
0416144c8a456aad5a2957b638fcd5f65630dce63f06c88773c0630efcebe3d42e14dc7270a883410a17122f784d87b684f13f3dd9b86e758a0c2116f79b3036
-
SSDEEP
1536:d6EwVWibZ6uzpNrmvFtWbFBiWCTZVZt+xc:QVWYZ6uzv4FKFBiWoZVZQq
Behavioral task
behavioral1
Sample
08b2cf465ff05923f0c48c4ede32ceed_JaffaCakes118
Resource
ubuntu2204-amd64-20240611-en
Malware Config
Extracted
mirai
MIRAI
Targets
-
Target
08b2cf465ff05923f0c48c4ede32ceed_JaffaCakes118
-
Score
8/10
-
Contacts a large (1759) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-