Malware Analysis Report

2024-10-10 12:33

Sample ID 240810-rckx8ssekp
Target 865718c9a9c4f9dfae28df985bb7737e_JaffaCakes118
SHA256 3c9016b4dc28e220faa474bc6fcb50a95416ee8fba72bc4be185fb8347a7bfaf
Tags
josho mirai
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

3c9016b4dc28e220faa474bc6fcb50a95416ee8fba72bc4be185fb8347a7bfaf

Threat Level: Known bad

The file 865718c9a9c4f9dfae28df985bb7737e_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

josho mirai

Mirai family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-08-10 14:02

Signatures

Mirai family

mirai

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-10 14:02

Reported

2024-08-10 14:05

Platform

debian12-armhf-20240221-en

Max time kernel

0s

Max time network

154s

Command Line

[/tmp/865718c9a9c4f9dfae28df985bb7737e_JaffaCakes118]

Signatures

N/A

Processes

/tmp/865718c9a9c4f9dfae28df985bb7737e_JaffaCakes118

[/tmp/865718c9a9c4f9dfae28df985bb7737e_JaffaCakes118]

Network

Country Destination Domain Proto
US 1.1.1.1:53 debian12-armhf-20240221-en-11 udp
US 1.1.1.1:53 debian12-armhf-20240221-en-11 udp
US 1.1.1.1:53 debian12-armhf-20240221-en-11 udp
US 1.1.1.1:53 debian12-armhf-20240221-en-11 udp

Files

N/A