General
-
Target
JaffaCakes118_f1c441cc7ed3bebb6a67039b21e15fdb711a76fa44c449d27c29ee8290659b86
-
Size
65KB
-
Sample
241221-x3qt3axkhw
-
MD5
24966ba71152736ca0645a90162a4008
-
SHA1
6e2be3b3145d4dea697acfc8d0c9da658b3d439b
-
SHA256
f1c441cc7ed3bebb6a67039b21e15fdb711a76fa44c449d27c29ee8290659b86
-
SHA512
f58ef65bfaf8c5a78a21367ee6b6fa8646441fed7bdd3637353a1f631ba69204470374b184b89107921c6962adc7d8e6126e67ca31db462b6deeb32051e3b46d
-
SSDEEP
1536:w05TnjhHJDfTUOrifhqiNSMNxeJVSBOoU+G0FeStBlJ4mHGyl5Px:fnVp1rQq8SMNg6Bb/G0DBcmHG4b
Behavioral task
behavioral1
Sample
b62663f78ed6ac311e8e7f3133ef8702cfb880eff661109659e485c574f3ccc7.elf
Resource
debian9-armhf-20240729-en
Malware Config
Extracted
mirai
BOTNET
Targets
-
Target
b62663f78ed6ac311e8e7f3133ef8702cfb880eff661109659e485c574f3ccc7.elf
-
Size
144KB
-
MD5
958d2d0bcc11c017191be1bf310c1b03
-
SHA1
a6408750603d65ffc176b0ce232d4917ed776194
-
SHA256
b62663f78ed6ac311e8e7f3133ef8702cfb880eff661109659e485c574f3ccc7
-
SHA512
2af0abb1d3a71aea0934edfb0267b8a548d1c84968196fbbf466daf215623b1bac0d8641e0d1c746be6ef64cb6ce02355930e5aa47a68c946c4a187b808be063
-
SSDEEP
3072:dHJsafpCxVoEcameWxaURhK4HVbKbjQzt0oM/9XD4oOp9j:7safmVrcameWxaURM4E3QztfM/9XDLOX
Score
9/10
-
Contacts a large (68313) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-