Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20240611-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    01-08-2024 21:55

General

  • Target

    81e0467936bc4a5c985b99765c71c47d_JaffaCakes118

  • Size

    34KB

  • MD5

    81e0467936bc4a5c985b99765c71c47d

  • SHA1

    a4a45ee2462f359cb5e01749b0de131ef96ba8a2

  • SHA256

    ac0a0e6fa2783d6e0db65299bd975ccbc5981feede90575270adb6e743784f96

  • SHA512

    a651e64c6e4fd297bb52ee52a6a9dfa7bca7d4ac3b253ced10576797739cd9d49c12c984b4e76c7497d38ef0ca13bf2ddfcb032898b055454253d0fc5de843a8

  • SSDEEP

    768:G1SXb9FeSdGFldUY8qlGTDOpf3qqEtI8rTRz8J7K3q3UI6V:HvfGFQYcTDOpvqqEtI8rlQ7KY4

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

WICKED

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/81e0467936bc4a5c985b99765c71c47d_JaffaCakes118
    /tmp/81e0467936bc4a5c985b99765c71c47d_JaffaCakes118
    • Reads runtime system information
    PID:650

Network

MITRE ATT&CK Matrix

Downloads

  • memory/650-1-0x00008000-0x0002ea84-memory.dmp