Analysis

  • max time kernel
    0s
  • max time network
    146s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf
    image:debian12-armhf-20240221-en
    kernel:6.1.0-17-armmp-lpae
    locale:en-us
    os:debian-12-armhf
    system
  • submitted
    26-09-2024 09:29

General

  • Target

    f81081bb691b4ea8446227581bcdef60_JaffaCakes118

  • Size

    34KB

  • MD5

    f81081bb691b4ea8446227581bcdef60

  • SHA1

    febd3a066bbfd60f0037d1a23489e0995989d07a

  • SHA256

    7ff9ca18ae7c98f2107fe8ebba906d82da2f4c37640845cfd548abd169786ff0

  • SHA512

    fd071acb61d89b81fe8d3b076d4c7a820a2aa6a5278b6f12f69e973d975969643f8180eda02b6b4350260a28dcaac1c4e19b662db12a807b8861be0bd3456671

  • SSDEEP

    768:ndUIRDkL4g5uD9mRz9ssgALhUo9w8C50QU7u+X6Lrx756FTq3UI/K:dHRD4ZuMz9HJdC5CaU4rxY0y

Malware Config

Extracted

Family

mirai

Botnet

WICKED

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/f81081bb691b4ea8446227581bcdef60_JaffaCakes118
    /tmp/f81081bb691b4ea8446227581bcdef60_JaffaCakes118
    • Reads runtime system information
    PID:706

Network

MITRE ATT&CK Matrix

Downloads

  • memory/706-1-0x00008000-0x0002ea84-memory.dmp