Analysis

  • max time kernel
    1s
  • max time network
    125s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    29-07-2024 17:09

General

  • Target

    5493e6caa273fe82bdeb60d29d83ec50_JaffaCakes118

  • Size

    62KB

  • MD5

    5493e6caa273fe82bdeb60d29d83ec50

  • SHA1

    b818dd6da470d15ccc5ec11fa3a606b8a8e0aa4d

  • SHA256

    72647381930e7e0f07218373449605f2b89b23d141df24747015f2a58fcb6ee1

  • SHA512

    57426f0b28ccdcb9d0079db29ddd8554701830f2ac31ddce01d6be1d9ab22901a9e8255880986d040a8e4d0978ce22874473f1c83a79bdfbb39e2fde97088f89

  • SSDEEP

    1536:wMlXnPUqLn55nUvQmNN9oPxeMWzcPwFXw1CY:tPUOnIDNE5JWJXU

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

WICKED

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/5493e6caa273fe82bdeb60d29d83ec50_JaffaCakes118
    /tmp/5493e6caa273fe82bdeb60d29d83ec50_JaffaCakes118
    1⤵
    • Reads runtime system information
    PID:703

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/703-1-0x00008000-0x0002eb54-memory.dmp