Analysis

  • max time kernel
    0s
  • max time network
    147s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    01-08-2024 18:26

General

  • Target

    818e88586792fed1fc82b25b376b3314_JaffaCakes118

  • Size

    29KB

  • MD5

    818e88586792fed1fc82b25b376b3314

  • SHA1

    c8e6635a84a6836bbd1051aa919a755255954a8b

  • SHA256

    8279b50574fc61a20652ea9631be664ebef394dba49686db60f33612f73e7fb4

  • SHA512

    7a31030d26d0ebd4e844b4fb9721d73ebafbce9369990c06019a4fb2e119759d87fedee5377d505f479092ee8b5386d6d743533d751fd0a8cb66e0a3fcd816ca

  • SSDEEP

    768:acKNT+9u4r++2uReWe5lE7EwIx9q3UEL5i:Zxo4rz2oT/Lk

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/818e88586792fed1fc82b25b376b3314_JaffaCakes118
    /tmp/818e88586792fed1fc82b25b376b3314_JaffaCakes118
    1⤵
    • Reads runtime system information
    PID:711

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/711-1-0x00008000-0x0002aa94-memory.dmp