Overview

overview

10

Static

static

5

9039f8d195...kes118

debian-12-armhf

10

Analysis

  • max time kernel
    0s
  • max time network
    140s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240418-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240418-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    23-11-2024 19:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9039f8d195ff76b98e77eb8e5842cc80_JaffaCakes118

  • Size

    50KB

  • MD5

    9039f8d195ff76b98e77eb8e5842cc80

  • SHA1

    29be3628008f05660823812392a66cf238fffbc8

  • SHA256

    c3397efbd3175ebc4e1bac3bc6fb42d2ccb591368184e70eb2f5af5c8ab4680a

  • SHA512

    ea6390e3292e9f36fd0600c764ea991161436ba4abba935923d43432300e3db7fd8d28bb8ee26ee5fa58968aef4974b5973c92eb811b3f3a000e4d6ce180ef36

  • SSDEEP

    1536:ltxomzxniU6wuEdMuuXVebLE5J6RYzBZJ:+mztiSuYSVebLEz6RYzF

Score
10/10
miraisorabotnetdiscovery

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/9039f8d195ff76b98e77eb8e5842cc80_JaffaCakes118
    /tmp/9039f8d195ff76b98e77eb8e5842cc80_JaffaCakes118
    1⤵
    • Reads runtime system information
    PID:695

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/695-1-0x00008000-0x00029ecc-memory.dmp

    Download