mirai | f689be2c03b7c8a75bec4e3b24b7dfbf836a9dc3b94fc8d54361589c331c16af | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

e1b38b1f1c...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

e1b38b1f1c0d0e5f68ecacc24a969257_JaffaCakes118
Size

52KB
Sample

240915-e25ygswcjp
MD5

e1b38b1f1c0d0e5f68ecacc24a969257
SHA1

56df29bb6fe32cc4a444929bd3b91eaaed9c543e
SHA256

f689be2c03b7c8a75bec4e3b24b7dfbf836a9dc3b94fc8d54361589c331c16af
SHA512

cd5f7a6598845e2793aa8d2ad2a513a95a219b2073c08b05926a46e39c82475efecef88851d318b6cdf047df3b59598d54aa2105e86528deb2bd714a4388f73e
SSDEEP

1536:P9m5R2g4lWlN3T0tzPHkbVPnd+Wf1RQluTpMia:U2gU2N3T0tzPHkbVPnME1RKgJa

Score

10^/10

mirai hikari linux rootkit

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e1b38b1f1c0d0e5f68ecacc24a969257_JaffaCakes118

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

HIKARI

C2

cnc.alprazolam.rip

scan.alprazolam.rip

Targets

- Target
  
  e1b38b1f1c0d0e5f68ecacc24a969257_JaffaCakes118
- Size
  
  52KB
- MD5
  
  e1b38b1f1c0d0e5f68ecacc24a969257
- SHA1
  
  56df29bb6fe32cc4a444929bd3b91eaaed9c543e
- SHA256
  
  f689be2c03b7c8a75bec4e3b24b7dfbf836a9dc3b94fc8d54361589c331c16af
- SHA512
  
  cd5f7a6598845e2793aa8d2ad2a513a95a219b2073c08b05926a46e39c82475efecef88851d318b6cdf047df3b59598d54aa2105e86528deb2bd714a4388f73e
- SSDEEP
  
  1536:P9m5R2g4lWlN3T0tzPHkbVPnd+Wf1RQluTpMia:U2gU2N3T0tzPHkbVPnME1RKgJa
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy