Extracted

• • Target

    e04b14b5a824043ce8e1fd9ef4f7de3e_JaffaCakes118

  • Size

    29KB

  • MD5

    e04b14b5a824043ce8e1fd9ef4f7de3e

  • SHA1

    1de4094762f2e20ca0c165de6140511b992fdefd

  • SHA256

    cf08c26bc68462ebbefe453bd2cda333e2378b2f4c465acac9b0a5b88bce2f97

  • SHA512

    84cd8eb7b4ed45509c117ea904bb199462a295c80f016725b0e3c485a6298b2d1487703eda7e1e79477a43a25f60d4d4719574f8aa71f4eabb84654491f3c2aa

  • SSDEEP

    768:eHbKO/gkgnb5i/n1EbuA8+4iejlMPnnJOrZGKyXMsOIroNJgGlzDpbuR1Jf:POjgnb5i/nqbudwnJcQcsMnVJul

  Score

  10^/10

  miraimiraibotnetdefense_evasiondiscovery

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai

  • Mirai family

    mirai

  • Contacts a large (1640) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

    discovery
  behavioral1