General
-
Target
e3113478dc60ca208801aec1d9043767_JaffaCakes118
-
Size
57KB
-
Sample
241211-y47pms1qbr
-
MD5
e3113478dc60ca208801aec1d9043767
-
SHA1
ca6027954315f4f646d8fba65ab790c4a2902b4f
-
SHA256
120df2cde51a308b0c352a99e5bd5d5f62b8c692a328b128c78d70b32fc2554b
-
SHA512
3227b40fbe8d038d26729c7883ad1e565542e4bebd4335b29b768e532dd3a29807cff6ee76377c876c27e9c59c4531df2fe7a5ba57264248c8a5192b341588b2
-
SSDEEP
1536:XOZsgTUYDWJVtJ04OD1aQjC/AmIcJESXNYWvvoSXaCu9mzerM:AVTOJVY4ODLAqgE+RBXaB0eA
Behavioral task
behavioral1
Sample
e3113478dc60ca208801aec1d9043767_JaffaCakes118
Resource
debian12-armhf-20240221-en
Malware Config
Extracted
mirai
UNSTABLE
cnc.casualaffinity.net
scan.casualaffinity.net
Targets
-
-
Target
e3113478dc60ca208801aec1d9043767_JaffaCakes118
-
Score
10/10
-
Mirai family
-
Contacts a large (157109) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-