Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240611-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    08-12-2024 11:09

General

  • Target

    d6bdbd6293860005b64eba326d009c46_JaffaCakes118

  • Size

    41KB

  • MD5

    d6bdbd6293860005b64eba326d009c46

  • SHA1

    996fe924ab99a64b38050808cc28a104663e7dcf

  • SHA256

    a935234ac8585e3eb6fb4a8f75d9bb2af0b75a686ad21ebc1683013eaa133ff8

  • SHA512

    8742e934f0b7796a51c244cd6562d561b8f5f6a98eea5a1317152dbb4db66bbf68a4f5ebdbbbdbf7a3f32512f30ab1a4ae5190f78c417c3f8627a49f95c9b80f

  • SSDEEP

    768:OHVS3+u2vXLxYH/JzgGqECrlQ8+QQwbkXaXXAHuBiSXyNerq3U7wA:O1SDycJzgGqdrq8+QLw+QHuyN0f

Malware Config

Extracted

Family

mirai

Botnet

KYTON

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/d6bdbd6293860005b64eba326d009c46_JaffaCakes118
    • Reads runtime system information
    PID:659

Network

MITRE ATT&CK Matrix
